Podcasts about GraphQL

Hi, Spring fans! In this installment, I talk to Jennifer Reif, developer advocate at Neo4J, about graph RAG, graph databases, GraphQL, Neo4J, Spring Data Neo4J, and more. #neo4j #graphRag #AI #artificialintelligence

Engineering teams often build microservices as their systems grow, but over time this can lead to a fragmented ecosystem with scattered data access patterns, duplicated business logic, and an uneven developer experience. A unified data graph with a consistent execution layer helps address these challenges by centralizing schema, simplifying how teams compose functionality, and reducing The post Airbnb's Open-Source GraphQL Framework with Adam Miskiewicz appeared first on Software Engineering Daily.

Engineering teams often build microservices as their systems grow, but over time this can lead to a fragmented ecosystem with scattered data access patterns, duplicated business logic, and an uneven developer experience. A unified data graph with a consistent execution layer helps address these challenges by centralizing schema, simplifying how teams compose functionality, and reducing The post Airbnb's Open-Source GraphQL Framework with Adam Miskiewicz appeared first on Software Engineering Daily.

In this episode of the Liquid Weekly Podcast, hosts Karl Meisterheim and Taylor Page recap Taylor's trip to New York City for the exclusive Shopify Winter Editions meetup. They break down the "Agentic Commerce" hype, the realities of the new Universal Commerce Protocol (UCP), and why the best way to optimize for AI is actually just using Standard Category Metafields.The episode features on-the-ground interviews with key Shopify staff members, including Liam Griffin, Darius (Senior Product Lead, Dev Platform), and Eitan (Shopify Flow team), offering deep dives into the new developer tools, Shop Minis, and the future of Shopify Flow.Interviews & Highlights Liam Griffin: Discusses the Model Context Protocol (MCP) for developers, using AI for mundane tasks like REST-to-GraphQL migration, and the "Pokemon generation" explosion of Shop Minis (including a virtual sommelier!). Darius: Breaks down the Universal Commerce Protocol (UCP), how the Catalog API works with agents, and why "Agentic Engine Optimization" isn't about hacks—it's about clean data and taxonomy. Eitan: Covers the "Flow 3.0" feel with new Sidekick-generated workflows, the highly anticipated testing layer, and moving toward declarative UIs.Timestamps00:00 Introduction, Stickers, and Winter Storm Stories06:40 Taylor's NYC Editions Trip Recap20:45 Key Takeaways: Agentic Commerce & UCP Realities31:00 Live Demo: Shopify Flow Sidekick Generation & Testing Layer38:30 Developer Tip: Running Queries from Dev Docs in GraphiQL43:00 Interview: Liam Griffin (Dev MCP, Shop Minis, Dev Forums)55:20 Interview: Darius (Universal Commerce Protocol, Metaobject Limits, Catalog API)01:07:50 Interview: Eitan (Shopify Flow Updates)01:20:30 Dev Changelog Highlights01:25:00 Picks of the WeekDev Changelog New article list input settings for themes: Link Migrate metafields with Shopify App Import custom data definitions: Link [Action Required] Shop Minis development now requires partner account permissions: Link [Action Required] Standardization of asset_url version params: Link Shopify App extensions now support Admin and Theme App Extensions: Link [Action Required] Ensuring POS UI extension stability by hardening callback handling: LinkPicks of the Week Karl: MagiQuest at Great Wolf Lodge – An interactive live-action game that turns the water park lodge into a questing adventure. Taylor: DJI Mic 3 – Wireless microphones that offer professional audio quality and ease of use for field recordings and interviews.Sign Up for Liquid WeeklyDon't miss out on expert insights and tips—subscribe to Liquid Weekly for more content like this: https://liquidweekly.com/

This interview was recorded for the GOTO Book Club.http://gotopia.tech/bookclubCheck out more here:https://gotopia.tech/episodes/416Martin Štefanko - Quarkus Core Engineer at IBM & Co-Author of "Quarkus in Action"Jan Martiška - Software Engineer Quarkus at IBM & Co-Author of "Quarkus in Action"Holly Cummins - Senior Technical Staff Member, Quarkus at IBMRESOURCESMartinhttps://bsky.app/profile/xstefank.bsky.socialhttps://mastodon.cloud/@xstefankhttps://x.com/xstefankhttps://github.com/xstefankhttps://www.linkedin.com/in/martin-stefankoJanhttps://bsky.app/profile/janmartiska.bsky.socialhttps://x.com/janmartiskahttps://github.com/jmartiskhttps://www.linkedin.com/in/janmartiskaHollyhttps://hollycummins.comhttps://hollycummins.com/type/bloghttps://bsky.app/profile/hollycummins.comhttps://hachyderm.io/@holly_cumminshttps://twitter.com/holly_cumminshttps://github.com/holly-cumminshttps://linkedin.com/in/holly-k-cumminsLinkshttps://code.quarkus.iohttps://vaadin.comDESCRIPTIONHolly Cummins sits down with Martin Stefanko and Jan Martiška, authors of "Quarkus in Action", to discuss their journey writing this comprehensive guide to the Java framework. The authors share insights about Quarkus's developer experience, from its blazing-fast dev mode to native compilation capabilities, while revealing what they learned writing about 29 different extensions across 12 chapters.They discuss the book's structure - from getting started to deploying in the cloud- and offer practical advice on when to use JVM versus native compilation, making this essential reading for both Quarkus newcomers and experienced developers.RECOMMENDED BOOKSMartin Stefanko • Jan Martiska • Quarkus in Action • https://amzn.to/3K1En2zBen Evans & Jim Gough • Optimizing Cloud Native Java • https://amzn.to/41nivD9Kief Morris • Infrastructure as Code • https://amzn.to/4e6EBQcAlex Soto Bueno & Jason Porter • Quarkus Cookbook • https://amzn.to/4au3QfFBlueskyTwitterInstagramLinkedInFacebookCHANNEL MEMBERSHIP BONUSJoin this channel to get early access to videos & other perks:https://www.youtube.com/channel/UCs_tLP3AiwYKwdUHpltJPuA/joinLooking for a unique learning experience?Attend the next GOTO conference near you! Get your ticket: gotopia.techSUBSCRIBE TO OUR YOUTUBE CHANNEL - new videos posted daily!

Jens Neuse grew up in Germany, originally planning to be a carpenter. In his 2nd year as an apprentice, he was in a motorcycle wreck that thrust him into a process of surgery and healing. Eventually, he decided he wouldn't be doing carpentry, and got into sysadmin work. Once he got bored with this, he moved into startups, learned how to code, and starting digging into programming, API's and eventually - GraphQL federation. Outside of tech, he is married with 3 young kids. He loves to sit ski on the mountain - which is the coolest carbon fiber chair on a ski, where you steer with your knees and hips.After chasing building a better Apollo, Jens and his team ran into a point where their prior product and company was doomed to go under. When they accepted this fact, they started to think about what people actually wanted - and started to dig into the federation of GraphQL.This is the creation story of Wundergraph.SponsorsIncogniNordProtectVentionCodeCrafters helps you become a better engineer by building real-world, production-grade projects. Learn hands-on by creating your own Git, Redis, HTTP server, SQLite, or DNS server from scratch. Sign up for free today using this link and enjoy 40% off.Full ScalePaddle.comSema SoftwarePropelAuthPostmanMeilisearchLinkshttps://wundergraph.com/https://www.linkedin.com/in/jens-neuse-706673195Our Sponsors:* Check out Incogni: https://incogni.com/codestory* Check out NordProtect: https://nordprotect.com/codestorySupport this podcast at — https://redcircle.com/code-story-insights-from-startup-tech-leaders/donationsAdvertising Inquiries: https://redcircle.com/brandsPrivacy & Opt-Out: https://redcircle.com/privacy

В 86 выпуске подкаста Javaswag поговорили c Григорием Вахмистровым о Java и C#, GraphQL и менторинге. Обсудили, каково это — переходить из экосистемы Microsoft в мир JVM, почему C# кажется более «продуктовым» и чего Java-разработчикам до сих пор не хватает для полного счастья (спойлер: это не только Lombok). Основную часть выпуска мы посвятили GraphQL: Григорий на практических примерах объяснил, как этот инструмент может стать «палочкой-выручалочкой» для сложных бэк-офисов и когда он действительно выигрывает у классического REST. В финале затронули тему менторства и обучения: почему люди готовы платить за наставничество больше, чем за курсы, как не «сгореть», преподавая безопасность, и почему иногда лучший совет ментора — это отговорить человека идти в IT. 00:00 — Интро 02:00 — Мир .NET и Xamarin. Опыт с Xamarin.Forms и осознание: «Нативщина рулит». 10:00 — C# vs Java: Razor/Blazor как JSTL на стероидах. Entity Framework против Hibernate. LINQ — почему это больше, чем просто Stream API. 25:00 — Тулгинг и почему Maven и Gradle заставляют мучиться после «зеленой кнопки» в Visual Studio. 30:00 — Архитектура букмекерской системы: Распределенный монолит и высокие нагрузки 40:00 — GraphQL: Когда REST начинает проигрывать 01:06:00 — Федерация и Stitching 01:21:00 — Менторство, EdTech 01:46:00 — Непопулярное мнение Гость: https://www.linkedin.com/in/grigoriy-vakhmistrov-96499913b/ Ссылки: https://www.graphql-java.com/ https://netflix.github.io/dgs/ Ссылки на подкаст: Сайт - https://javaswag.github.io/ Телеграм - https://t.me/javaswag Youtube - https://www.youtube.com/@javaswag Linkedin - https://www.linkedin.com/in/volyihin/ X - https://x.com/javaswagpodcast

Discover Firebase Data Connect with Tyler Crowe! Dive into SQL, GraphQL, AI, and live demos to supercharge your app's data. Share your thoughts below!https://codingcat.dev/podcast/firebase-sql-with-data-connect00:00 Data Connect Overview04:29 AI Features & Vertex13:13 SQL Views & Raw SQL15:45 Downloading SDKs24:37 Full Text Search30:32 Vector Search Explained38:20 GraphQL Insights47:43 Firestore vs Data Connect48:32 Conclusion

Episode 149: In this episode of Critical Thinking - Bug Bounty Podcast The DEFCON videos are up, and Justin and Joseph talk through some of their favorites.Follow us on XGot any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.ioShoutout to YTCracker for the awesome intro music!====== Links ======Follow your hosts Rhynorater, rez0 and gr3pme on X: ====== Ways to Support CTBBPodcast ======Hop on the CTBB Discord!We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.You can also find some hacker swag at https://ctbb.show/merch!====== Resources ======Unicode surrogates conversionPrompt. Scan. ExploitBreaking into thousands of cloud based VPNs with 1 bugExamining Access Control Vulnerabilities in GraphQLSmart Bus Smart HackingPasskeys PwnedBypassing Intent Destination ChecksGemini Agents in Google CalendarExploitation of DOM Clobbering Vuln at ScaleTheHulkSmart Devices, Dumb ResetsMac PRT Cookie Theft====== Timestamps ======(00:00:00) Introduction(00:10:10) Prompt. Scan. Exploit(00:23:52) Breaking into thousands of cloud based VPNs with 1 bug(00:33:25) Access Control Vulns in GraphQL, Smart Bus Hacking, & Passkeys Pwned(00:44:10) Bypassing Intent Destination Checks & Invoking Gemini Agents(00:57:08) DOM Clobbering, Mac PRT Cookie Theft, & Smart Devices, Dumb Resets

Dans cet épisode, Emmanuel, Katia et Guillaume discutent de Spring 7, Quarkus, d'Infinispan et Keycloak. On discute aussi de projets sympas comme Javelit, de comment démarre une JVM, du besoin d'argent de NTP. Et puis on discute du changement de carrière d'Emmanuel. Enregistré le 14 novembre 2025 Téléchargement de l'épisode LesCastCodeurs-Episode-332.mp3 ou en vidéo sur YouTube. News Emmanuel quitte Red Hat après 20 ans https://emmanuelbernard.com/blog/2025/11/13/leaving-redhat/ Langages Support HTTP/3 dans le HttpClient de JDK 26 - https://inside.java/2025/10/22/http3-support/ JDK 26 introduit le support de HTTP/3 dans l'API HttpClient existante depuis Java 11 HTTP/3 utilise le protocole QUIC sur UDP au lieu de TCP utilisé par HTTP/2 Par défaut HttpClient préfère HTTP/2, il faut explicitement configurer HTTP/3 avec Version.HTTP_3 Le client effectue automatiquement un downgrade vers HTTP/2 puis HTTP/1.1 si le serveur ne supporte pas HTTP/3 On peut forcer l'utilisation exclusive de HTTP/3 avec l'option H3_DISCOVERY en mode HTTP_3_URI_ONLY HttpClient apprend qu'un serveur supporte HTTP/3 via le header alt-svc (RFC 7838) et utilise cette info pour les requêtes suivantes La première requête peut utiliser HTTP/2 même avec HTTP/3 préféré, mais la seconde utilisera HTTP/3 si le serveur l'annonce L'équipe OpenJDK encourage les tests et retours d'expérience sur les builds early access de JDK 26 Librairies Eclispe Jetty et CometD changent leurs stratégie de support https://webtide.com/end-of-life-changes-to-eclipse-jetty-and-cometd/ À partir du 1er janvier 2026, Webtide ne publiera plus Jetty 9/10/11 et CometD 5/6/7 sur Maven Central Pendant 20 ans, Webtide a financé les projets Jetty et CometD via services et support, publiant gratuitement les mises à jour EOL Le comportement des entreprises a changé : beaucoup cherchent juste du gratuit plutôt que du véritable support Des sociétés utilisent des versions de plus de 10 ans sans migrer tant que les correctifs CVE sont gratuits Cette politique gratuite a involontairement encouragé la complaisance et retardé les migrations vers versions récentes MITRE développe des changements au système CVE pour mieux gérer les concepts d'EOL Webtide lance un programme de partenariat avec TuxCare et HeroDevs pour distribuer les résolutions CVE des versions EOL Les binaires EOL seront désormais distribués uniquement aux clients commerciaux et via le réseau de partenaires Webtide continue le support standard open-source : quand Jetty 13 sortira, Jetty 12.1 recevra des mises à jour pendant 6 mois à un an Ce changement vise à clarifier la politique EOL avec une terminologie industrielle établie Améliorations cloud du SDK A2A Java https://quarkus.io/blog/quarkus-a2a-cloud-enhancements/ Version 0.3.0.Final du SDK A2A Java apporte des améliorations pour les environnements cloud et distribués Composants en mémoire remplacés par des implémentations persistantes et répliquées pour environnements multi-instances JpaDatabaseTaskStore et JpaDatabasePushNotificationConfigStore permettent la persistance des tâches et configurations en base PostgreSQL ReplicatedQueueManager assure la réplication des événements entre instances A2A Agent via Kafka et MicroProfile Reactive Messaging Exemple complet de déploiement Kubernetes avec Kind incluant PostgreSQL, Kafka via Strimzi, et load balancing entre pods Démonstration pratique montrant que les messages peuvent être traités par différents pods tout en maintenant la cohérence des tâches Architecture inspirée du SDK Python A2A, permettant la gestion de tâches asynchrones longues durée en environnement distribué Quarkus 3.29 sort avec des backends de cache multiples et support du débogueur Qute https://quarkus.io/blog/quarkus-3-29-released/ Possibilité d'utiliser plusieurs backends de cache simultanément dans une même application Chaque cache peut être associé à un backend spécifique (par exemple Caffeine et Redis ou Infinispan) Support du Debug Adapter Protocol (DAP) pour déboguer les templates Qute directement dans l'IDE et dans la version 3.28 Configuration programmatique de la protection CSRF via une API fluent Possibilité de restreindre les filtres OIDC à des flux d'authentification spécifiques avec annotations Support des dashboards Grafana personnalisés via fichiers JSON dans META-INF/grafana/ Extension Liquibase MongoDB supporte désormais plusieurs clients simultanés Amélioration significative des performances de build avec réduction des allocations mémoire Parallélisation de tâches comme la génération de proxies Hibernate ORM et la construction des Jar Et l'utilisation des fichiers .proto est plus simple dans Quarkus avbec Quarkus gRPC Zero https://quarkus.io/blog/grpc-zero/ c'est toujours galere des fichiers .proto car les generateurs demandent des executables natifs maintenant ils sont bundlés dans la JVM et vous n'avez rien a configurer cela utilise Caffeine pour faire tourner cela en WASM dans la JVM Spring AI 1.1 est presque là https://spring.io/blog/2025/11/08/spring-ai-1-1-0-RC1-available-now support des MCP tool caching pour les callback qui reduit les iooerations redondantes Access au contenu de raisonnement OpenAI Un modele de Chat MongoDB Support du modele de penser Ollama Reessaye sur les echec de reseau OpenAI speech to text Spring gRPC Les prochaines étapes pour la 1.0.0 https://spring.io/blog/2025/11/05/spring-grpc-next-steps Spring gRPC 1.0 arrive prochainement avec support de Spring Boot 4 L'intégration dans Spring Boot 4.0 est reportée, prévue pour Spring Boot 4.1 Les coordonnées Maven restent sous org.springframework.grpc pour la version 1.0 Le jar spring-grpc-test est renommé en spring-grpc-test-spring-boot-autoconfigure Les packages d'autoconfiguration changent de nom nécessitant de modifier les imports Les dépendances d'autoconfiguration seront immédiatement dépréciées après la release 1.0 Migration minimale attendue pour les projets utilisant déjà la version 0.x La version 1.0.0-RC1 sera publiée dès que possible avant la version finale Spring arrete le support reactif d'Apache Pulsar https://spring.io/blog/2025/10/29/spring-pulsar-reactive-discontinued logique d'évaluer le temps passé vs le nombre d'utilisateurs c'est cependant une tendance qu'on a vu s'accélerer Spring 7 est sorti https://spring.io/blog/2025/11/13/spring-framework-7-0-general-availability Infrastructure Infinispan 16.0 https://infinispan.org/blog/2025/11/10/infinispan-16-0 Ajout majeur : migration en ligne sans interruption pour les nœuds d'un cluster (rolling upgrades) (infinispan.org) Messages de clustering refaits avec Protocol Buffers + ProtoStream : meilleure compatibilité, schéma évolutif garanti (infinispan.org) Console Web améliorée API dédiée de gestion des schémas (SchemasAdmin) pour gérer les schémas ProtoStream à distance (infinispan.org) Module de requête (query) optimisé : support complet des agrégations (sum, avg …) dans les requêtes indexées en cluster grâce à l'intégration de Hibernate Search 8.1 (infinispan.org) Serveur : image conteneur minimalisée pour réduire la surface d'attaque (infinispan.org) démarrage plus rapide grâce à séparation du démarrage cache/serveur (infinispan.org) caches pour connecteurs (Memcached, RESP) créés à la demande (on-demand) et non à l'initiaton automatique (infinispan.org) moteur Lua 5.1 mis à jour avec corrections de vulnérabilités et opérations dangereuses désactivées (infinispan.org) Support JDK : version minimale toujours JDK 17 (infinispan.org) prise en charge des threads virtuels (virtual threads) et des fonctionnalités AOT (Ahead-of-Time) de JDK plus récentes (infinispan.org) Web Javelit, une nouvelle librairie Java inspirée de Streamlit pour faire facilement et rapidement des petites interfaces web https://glaforge.dev/posts/2025/10/24/javelit-to-create-quick-interactive-app-frontends-in-java/ Site web du projet : https://javelit.io/ Javelit : outil pour créer rapidement des applications de données (mais pas que) en Java. Simplifie le développement : élimine les tracas du frontend et de la gestion des événements. Transforme une classe Java en application web en quelques minutes. Inspiré par la simplicité de Streamlit de l'écosystème Python (ou Gradio et Mesop), mais pour Java. Développement axé sur la logique : pas de code standard répétitif (boilerplate), rechargement à chaud. Interactions faciles : les widgets retournent directement leur valeur, sans besoin de HTML/CSS/JS ou gestion d'événements. Déploiement flexible : applications autonomes ou intégrables dans des frameworks Java (Spring, Quarkus, etc.). L'article de Guillaume montre comment créer une petite interface pour créer et modifier des images avec le modèle génératif Nano Banana Un deuxième article montre comment utiliser Javelit pour créer une interface de chat avec LangChain4j https://glaforge.dev/posts/2025/10/25/creating-a-javelit-chat-interface-for-langchain4j/ Améliorer l'accessibilité avec les applis JetPack Compose https://blog.ippon.fr/2025/10/29/rendre-son-application-accessible-avec-jetpack-compose/ TalkBack est le lecteur d'écran Android qui vocalise les éléments sélectionnés pour les personnes malvoyantes Accessibility Scanner et les outils Android Studio détectent automatiquement les problèmes d'accessibilité statiques Les images fonctionnelles doivent avoir un contentDescription, les images décoratives contentDescription null Le contraste minimum requis est de 4.5:1 pour le texte normal et 3:1 pour le texte large ou les icônes Les zones cliquables doivent mesurer au minimum 48dp x 48dp pour faciliter l'interaction Les formulaires nécessitent des labels visibles permanents et non de simples placeholders qui disparaissent Modifier.semantics permet de définir l'arbre sémantique lu par les lecteurs d'écran Les propriétés mergeDescendants et traversalIndex contrôlent l'ordre et le regroupement de la lecture Diriger le navigateur Chrome avec le modèle Gemini Computer Use https://glaforge.dev/posts/2025/11/03/driving-a-web-browser-with-gemini-computer-use-model-in-java/ Objectif : Automatiser la navigation web en Java avec le modèle "Computer Use" de Gemini 2.5 Pro. Modèle "Computer Use" : Gemini analyse des captures d'écran et génère des actions d'interface (clic, saisie, etc.). Outils : Gemini API, Java, Playwright (pour l'interaction navigateur). Fonctionnement : Boucle agent où Gemini reçoit une capture, propose une action, Playwright l'exécute, puis une nouvelle capture est envoyée à Gemini. Implémentation clé : Toujours envoyer une capture d'écran à Gemini après chaque action pour qu'il comprenne l'état actuel. Défis : Lenteur, gestion des CAPTCHA et pop-ups (gérables). Potentiel : Automatisation des tâches web répétitives, création d'agents autonomes. Data et Intelligence Artificielle Apicurio ajoute le support de nouveaux schema sans reconstruire Apicurio https://www.apicur.io/blog/2025/10/27/custom-artifact-types Apicurio Registry 3.1.0 permet d'ajouter des types d'artefacts personnalisés au moment du déploiement sans recompiler le projet Supporte nativement OpenAPI, AsyncAPI, Avro, JSON Schema, Protobuf, GraphQL, WSDL et XSD Trois approches d'implémentation disponibles : classes Java pour la performance maximale, JavaScript/TypeScript pour la facilité de développement, ou webhooks pour une flexibilité totale Configuration via un simple fichier JSON pointant vers les implémentations des composants personnalisés Les scripts JavaScript sont exécutés via QuickJS dans un environnement sandboxé sécurisé Un package npm TypeScript fournit l'autocomplétion et la sécurité de type pour le développement Six composants optionnels configurables : détection automatique de type, validation, vérification de compatibilité, canonicalisation, déréférencement et recherche de références Cas d'usage typiques : formats propriétaires internes, support RAML, formats legacy comme WADL, schémas spécifiques à un domaine métier Déploiement simple via Docker en montant les fichiers de configuration et scripts comme volumes Les performances varient selon l'approche : Java offre les meilleures performances, JavaScript un bon équilibre, webhooks la flexibilité maximale Le truc interessant c'est que c'est Quarkus based et donc demandait le rebuilt donc pour eviter cela, ils ont ajouter QuickJS via Chicorey un moteur WebAssembly GPT 5.1 pour les développeurs est sorti. https://openai.com/index/gpt-5-1-for-developers/ C'est le meilleur puisque c'est le dernier :slightly_smiling_face: Raisonnement Adaptatif et Efficace : GPT-5.1 ajuste dynamiquement son temps de réflexion en fonction de la complexité de la tâche, le rendant nettement plus rapide et plus économique en jetons pour les tâches simples, tout en maintenant des performances de pointe sur les tâches difficiles. Nouveau Mode « Sans Raisonnement » : Un mode (reasoning_effort='none') a été introduit pour les cas d'utilisation sensibles à la latence, permettant une réponse plus rapide avec une intelligence élevée et une meilleure exécution des outils. Cache de Prompt Étendu : La mise en cache des invites est étendue jusqu'à 24 heures (contre quelques minutes auparavant), ce qui réduit la latence et le coût pour les interactions de longue durée (chats multi-tours, sessions de codage). Les jetons mis en cache sont 90 % moins chers. Améliorations en Codage : Le modèle offre une meilleure personnalité de codage, une qualité de code améliorée et de meilleures performances sur les tâches d'agenticité de code, atteignant 76,3 % sur SWE-bench Verified. Nouveaux Outils pour les Développeurs : Deux nouveaux outils sont introduits ( https://cookbook.openai.com/examples/build_a_coding_agent_with_gpt-5.1 ) : L'outil apply_patch pour des modifications de code plus fiables via des diffs structurés. L'outil shell qui permet au modèle de proposer et d'exécuter des commandes shell sur une machine locale, facilitant les boucles d'inspection et d'exécution. Disponibilité : GPT-5.1 (ainsi que les modèles gpt-5.1-codex) est disponible pour les développeurs sur toutes les plateformes API payantes, avec les mêmes tarifs et limites de débit que GPT-5. Comparaison de similarité d'articles et de documents avec les embedding models https://glaforge.dev/posts/2025/11/12/finding-related-articles-with-vector-embedding-models/ Principe : Convertir les articles en vecteurs numériques ; la similarité sémantique est mesurée par la proximité de ces vecteurs. Démarche : Résumé des articles via Gemini-2.5-flash. Conversion des résumés en vecteurs (embeddings) par Gemini-embedding-001. Calcul de la similarité entre vecteurs par similarité cosinus. Affichage des 3 articles les plus pertinents (>0.75) dans le frontmatter Hugo. Bilan : Approche "résumé et embedding" efficace, pragmatique et améliorant l'engagement des lecteurs. Outillage Composer : Nouveau modèle d'agent rapide pour l'ingénierie logicielle - https://cursor.com/blog/composer Composer est un modèle d'agent conçu pour l'ingénierie logicielle qui génère du code quatre fois plus rapidement que les modèles similaires Le modèle est entraîné sur de vrais défis d'ingénierie logicielle dans de grandes bases de code avec accès à des outils de recherche et d'édition Il s'agit d'un modèle de type mixture-of-experts optimisé pour des réponses interactives et rapides afin de maintenir le flux de développement L'entraînement utilise l'apprentissage par renforcement dans divers environnements de développement avec des outils comme la lecture de fichiers, l'édition, les commandes terminal et la recherche sémantique Cursor Bench est un benchmark d'évaluation basé sur de vraies demandes d'ingénieurs qui mesure la correction et le respect des abstractions du code existant Le modèle apprend automatiquement des comportements utiles comme effectuer des recherches complexes, corriger les erreurs de linter et écrire des tests unitaires L'infrastructure d'entraînement utilise PyTorch et Ray avec des kernels MXFP8 pour entraîner sur des milliers de GPUs NVIDIA Le système exécute des centaines de milliers d'environnements de codage sandboxés concurrents dans le cloud pour l'entraînement Composer est déjà utilisé quotidiennement par les développeurs de Cursor pour leur propre travail Le modèle se positionne juste derrière GPT-5 et Sonnet 4.5 en termes de performance sur les benchmarks internes Rex sur l'utilisation de l'IA pour les développeurs, un gain de productivité réel et des contextes adaptés https://mcorbin.fr/posts/2025-10-17-genai-dev/ Un développeur avec 18 ans d'expérience partage son retour sur l'IA générative après avoir changé d'avis Utilise exclusivement Claude Code dans le terminal pour coder en langage naturel Le "vibe coding" permet de générer des scripts et interfaces sans regarder le code généré Génération rapide de scripts Python pour traiter des CSV, JSON ou créer des interfaces HTML Le mode chirurgien résout des bugs complexes en one-shot, exemple avec un plugin Grafana fixé en une minute Pour le code de production, l'IA génère les couches repository, service et API de manière itérative, mais le dev controle le modele de données Le développeur relit toujours le code et ajuste manuellement ou via l'IA selon le besoin L'IA ne remplacera pas les développeurs car la réflexion, conception et expertise technique restent essentielles La construction de produits robustes, scalables et maintenables nécessite une expérience humaine L'IA libère du temps sur les tâches répétitives et permet de se concentrer sur les aspects complexes ce que je trouve interessant c'est la partie sur le code de prod effectivement, je corrige aussi beaucoup les propositions de l'IA en lui demandant de faire mieux dans tel ou tel domaine Sans guide, tout cela serait perdu Affaire a suivre un article en parallele sur le métier de designer https://blog.ippon.fr/2025/11/03/lia-ne-remplace-pas-un-designer-elle-amplifie-la-difference-entre-faire-et-bien-faire/ Plus besoin de se rappeler les racourcis dans IntelliJ idea avec l'universal entry point https://blog.jetbrains.com/idea/2025/11/universal-entry-point-a-single-entry-point-for-context-aware-coding-assistance/ IntelliJ IDEA introduit Command Completion, une nouvelle façon d'accéder aux actions de l'IDE directement depuis l'éditeur Fonctionne comme la complétion de code : tapez point (.) pour voir les actions contextuelles disponibles Tapez double point (..) pour filtrer et n'afficher que les actions disponibles Propose des corrections, refactorings, génération de code et navigation selon le contexte Complète les fonctionnalités existantes sans les remplacer : raccourcis, Alt+Enter, Search Everywhere Facilite la découverte des fonctionnalités de l'IDE sans interrompre le flux de développement En Beta dans la version 2025.2, sera activé par défaut dans 2025.3 Support actuel pour Java et Kotlin, avec actions spécifiques aux frameworks comme Spring et Hibernate Homebrew, package manage pour macOS et Linux passe en version 5 https://brew.sh/2025/11/12/homebrew-5.0.0/ Téléchargements Parallèles par Défaut : Le paramètre HOMEBREW_DOWNLOAD_CONCURRENCY=auto est activé par défaut, permettant des téléchargements concurrents pour tous les utilisateurs, avec un rapport de progression. Support Linux ARM64/AArch64 en Tier 1 : Le support pour Linux ARM64/AArch64 a été promu au niveau "Tier 1" (support officiel de premier plan). Feuille de Route pour les Dépréciations macOS : Septembre 2026 (ou plus tard) : Homebrew ne fonctionnera plus sur macOS Catalina (10.15) et versions antérieures. macOS Intel (x86_64) passera en "Tier 3" (fin du support CI et des binaires précompilés/bottles). Septembre 2027 (ou plus tard) : Homebrew ne fonctionnera plus sur macOS Big Sur (11) sur Apple Silicon ni du tout sur Intel (x86_64). Sécurité et Casks : Dépréciation des Casks sans signature de code. Désactivation des Casks échouant aux vérifications Gatekeeper en septembre 2026. Les options --no-quarantine et --quarantine sont dépréciés pour ne plus faciliter le contournement des fonctionnalités de sécurité de macOS. Nouvelles Fonctionnalités & Améliorations : Support officiel pour macOS 26 (Tahoe). brew bundle supporte désormais l'installation de packages Go via un Brewfile. Ajout de la commande brew info --sizes pour afficher la taille des formulae et casks. La commande brew search --alpine permet de chercher des packages Alpine Linux. Architecture Selon l'analyste RedMonk, Java reste très pertinent dans l'aire de l'IA et des agents https://redmonk.com/jgovernor/java-relevance-in-the-ai-era-agent-frameworks-emerge/ Java reste pertinent à l'ère de l'IA, pas besoin d'apprendre une pile technique entièrement nouvelle. Capacité d'adaptation de Java ("anticorps") aux innovations (Big Data, cloud, IA), le rendant idéal pour les contextes d'entreprise. L'écosystème JVM offre des avantages sur Python pour la logique métier et les applications sophistiquées, notamment en termes de sécurité et d'évolutivité. Embabel (par Rod Johnson, créateur de Spring) : un framework d'agents fortement typé pour JVM, visant le déterminisme des projets avant la génération de code par LLM. LangChain4J : facilite l'accès aux capacités d'IA pour les développeurs Java, s'aligne sur les modèles d'entreprise établis et permet aux LLM d'appeler des méthodes Java. Koog (Jetbrains) : framework d'agents basé sur Kotlin, typé et spécifique aux développeurs JVM/Kotlin. Akka : a pivoté pour se concentrer sur les flux de travail d'agents IA, abordant la complexité, la confiance et les coûts des agents dans les systèmes distribués. Le Model Context Protocol (MCP) est jugé insuffisant, manquant d'explicabilité, de découvrabilité, de capacité à mélanger les modèles, de garde-fous, de gestion de flux, de composabilité et d'intégration sécurisée. Les développeurs Java sont bien placés pour construire des applications compatibles IA et intégrer des agents. Des acteurs majeurs comme IBM, Red Hat et Oracle continuent d'investir massivement dans Java et son intégration avec l'IA. Sécurité AI Deepfake, Hiring … A danger réel https://www.eu-startups.com/2025/10/european-startups-get-serious-about-deepfakes-as-ai-fraud-losses-surpass-e1-3-billion/ Pertes liées aux deepfakes en Europe : > 1,3 milliard € (860 M € rien qu'en 2025). Création de deepfakes désormais possible pour quelques euros. Fraudes : faux entretiens vidéo, usurpations d'identité, arnaques diverses. Startups actives : Acoru, IdentifAI, Trustfull, Innerworks, Keyless (détection et prévention). Réglementation : AI Act et Digital Services Act imposent transparence et contrôle. Recommandations : vérifier identités, former employés, adopter authentification multi-facteurs. En lien : https://www.techmonitor.ai/technology/cybersecurity/remote-hiring-cybersecurity 1 Candidat sur 4 sera Fake en 2028 selon Gartner research https://www.gartner.com/en/newsroom/press-releases/2025-07-31-gartner-survey-shows-j[…]-percent-of-job-applicants-trust-ai-will-fairly-evaluate-them Loi, société et organisation Amazon - prévoit supprimer 30.000 postes https://www.20minutes.fr/economie/4181936-20251028-amazon-prevoit-supprimer-30-000-emplois-bureau-selon-plusieurs-medias Postes supprimés : 30 000 bureaux Part des effectifs : ~10 % des employés corporatifs Tranche confirmée : 14 000 postes Divisions touchées : RH, Opérations, Devices & Services, Cloud Motifs : sur-recrutement, bureaucratie, automatisation/IA Accompagnement : 90 jours pour poste interne + aides Non concernés : entrepôts/logistique Objectif : concentrer sur priorités stratégiques NTP a besoin d'argent https://www.ntp.org/ Il n'est que le protocole qui synchronise toutes les machines du monde La fondation https://www.nwtime.org/ recherche 11000$ pour maintenir son activité Rubrique débutant Une plongée approfondie dans le démarrage de la JVM https://inside.java/2025/01/28/jvm-start-up La JVM effectue une initialisation complexe avant d'exécuter le code : validation des arguments, détection des ressources système et sélection du garbage collector approprié Le chargement de classes suit une stratégie lazy où chaque classe charge d'abord ses dépendances dans l'ordre de déclaration, créant une chaîne d'environ 450 classes même pour un simple Hello World La liaison de classes comprend trois sous-processus : vérification de la structure, préparation avec initialisation des champs statiques à leurs valeurs par défaut, et résolution des références symboliques du Constant Pool Le CDS améliore les performances au démarrage en fournissant des classes pré-vérifiées, réduisant le travail de la JVM L'initialisation de classe exécute les initialiseurs statiques via la méthode spéciale clinit générée automatiquement par javac Le Project Leyden introduit la compilation AOT dans JDK 24 pour réduire le temps de démarrage en effectuant le chargement et la liaison de classes en avance de phase Pas si débutant finalement Conférences La liste des conférences provenant de Developers Conferences Agenda/List par Aurélie Vache et contributeurs : 12-14 novembre 2025 : Devoxx Morocco - Marrakech (Morocco) 15-16 novembre 2025 : Capitole du Libre - Toulouse (France) 19 novembre 2025 : SREday Paris 2025 Q4 - Paris (France) 19-21 novembre 2025 : Agile Grenoble - Grenoble (France) 20 novembre 2025 : OVHcloud Summit - Paris (France) 21 novembre 2025 : DevFest Paris 2025 - Paris (France) 24 novembre 2025 : Forward Data & AI Conference - Paris (France) 27 novembre 2025 : DevFest Strasbourg 2025 - Strasbourg (France) 28 novembre 2025 : DevFest Lyon - Lyon (France) 1-2 décembre 2025 : Tech Rocks Summit 2025 - Paris (France) 4-5 décembre 2025 : Agile Tour Rennes - Rennes (France) 5 décembre 2025 : DevFest Dijon 2025 - Dijon (France) 9-11 décembre 2025 : APIdays Paris - Paris (France) 9-11 décembre 2025 : Green IO Paris - Paris (France) 10-11 décembre 2025 : Devops REX - Paris (France) 10-11 décembre 2025 : Open Source Experience - Paris (France) 11 décembre 2025 : Normandie.ai 2025 - Rouen (France) 14-17 janvier 2026 : SnowCamp 2026 - Grenoble (France) 22 janvier 2026 : DevCon #26 : sécurité / post-quantique / hacking - Paris (France) 29-31 janvier 2026 : Epitech Summit 2026 - Paris - Paris (France) 2-5 février 2026 : Epitech Summit 2026 - Moulins - Moulins (France) 2-6 février 2026 : Web Days Convention - Aix-en-Provence (France) 3 février 2026 : Cloud Native Days France 2026 - Paris (France) 3-4 février 2026 : Epitech Summit 2026 - Lille - Lille (France) 3-4 février 2026 : Epitech Summit 2026 - Mulhouse - Mulhouse (France) 3-4 février 2026 : Epitech Summit 2026 - Nancy - Nancy (France) 3-4 février 2026 : Epitech Summit 2026 - Nantes - Nantes (France) 3-4 février 2026 : Epitech Summit 2026 - Marseille - Marseille (France) 3-4 février 2026 : Epitech Summit 2026 - Rennes - Rennes (France) 3-4 février 2026 : Epitech Summit 2026 - Montpellier - Montpellier (France) 3-4 février 2026 : Epitech Summit 2026 - Strasbourg - Strasbourg (France) 3-4 février 2026 : Epitech Summit 2026 - Toulouse - Toulouse (France) 4-5 février 2026 : Epitech Summit 2026 - Bordeaux - Bordeaux (France) 4-5 février 2026 : Epitech Summit 2026 - Lyon - Lyon (France) 4-6 février 2026 : Epitech Summit 2026 - Nice - Nice (France) 12-13 février 2026 : Touraine Tech #26 - Tours (France) 26-27 mars 2026 : SymfonyLive Paris 2026 - Paris (France) 27-29 mars 2026 : Shift - Nantes (France) 31 mars 2026 : ParisTestConf - Paris (France) 16-17 avril 2026 : MiXiT 2026 - Lyon (France) 22-24 avril 2026 : Devoxx France 2026 - Paris (France) 23-25 avril 2026 : Devoxx Greece - Athens (Greece) 6-7 mai 2026 : Devoxx UK 2026 - London (UK) 22 mai 2026 : AFUP Day 2026 Lille - Lille (France) 22 mai 2026 : AFUP Day 2026 Paris - Paris (France) 22 mai 2026 : AFUP Day 2026 Bordeaux - Bordeaux (France) 22 mai 2026 : AFUP Day 2026 Lyon - Lyon (France) 17 juin 2026 : Devoxx Poland - Krakow (Poland) 11-12 juillet 2026 : DevLille 2026 - Lille (France) 4 septembre 2026 : JUG Summer Camp 2026 - La Rochelle (France) 17-18 septembre 2026 : API Platform Conference 2026 - Lille (France) 5-9 octobre 2026 : Devoxx Belgium - Antwerp (Belgium) Nous contacter Pour réagir à cet épisode, venez discuter sur le groupe Google https://groups.google.com/group/lescastcodeurs Contactez-nous via X/twitter https://twitter.com/lescastcodeurs ou Bluesky https://bsky.app/profile/lescastcodeurs.com Faire un crowdcast ou une crowdquestion Soutenez Les Cast Codeurs sur Patreon https://www.patreon.com/LesCastCodeurs Tous les épisodes et toutes les infos sur https://lescastcodeurs.com/

In this episode, we discuss MuleSoft and Camel similarities and take a brief tangent on the prevalence of XML as a data format, vibe-coding, SaaS fatigue, subscription overload, and Illuminated Cloud's support for GraphQL.

Strategic Technology Consultation Services This episode of The Modern .NET Show is supported, in part, by RJJ Software's Strategic Technology Consultation Services. If you're an SME (Small to Medium Enterprise) leader wondering why your technology investments aren't delivering, or you're facing critical decisions about AI, modernization, or team productivity, let's talk. Show Notes "Simple is always the better choice, but easy is not always the best. So sometimes you'll go to graph, it's a little bit harder for us to write the code for around it, but the bandwidth consumption is considerably smaller. the compute consumption and the ability for it to run on a mobile device is considerably easier."— Jerry Nixon Hey everyone, and welcome back to The Modern .NET Show; the premier .NET podcast, focusing entirely on the knowledge, tools, and frameworks that all .NET developers should have in their toolbox. I'm your host Jamie Taylor, bringing you conversations with the brightest minds in the .NET ecosystem. Today, we're joined by Jerry Nixon. Jerry is a Principal Product Manager at Microsoft, focussing on the tooling and Developer Experience around Azure SQL Server. Jerry shares his advice for architecting web-based APIs, RESTful design, and using what fits within your team, and of course we talk about Data API Builder. "When you think about what an architect really is and their responsibility, the decisions, architectural decisions are the decisions that are the most expensive to change. That's kind of like who should be making this decision? Well, how expensive is it to change? It's very expensive."— Jerry Nixon We also talk about the importance of interpersonal skills in modern software engineering (whether you're working in open source or not), psychological safety, and the importance of self-reflection in our day-to-day work. Before we jump in, a quick reminder: if The Modern .NET Show has become part of your learning journey, please consider supporting us through Patreon or Buy Me A Coffee. Every contribution helps us continue bringing you these in-depth conversations with industry experts. You'll find all the links in the show notes. Anyway, without further ado, let's sit back, open up a terminal, type in `dotnet new podcast` and we'll dive into the core of Modern .NET. Full Show Notes The full show notes, including links to some of the things we discussed and a full transcription of this episode, can be found at: https://dotnetcore.show/season-8/designing-apis-like-a-pro-lessons-from-jerry-nixon-on-data-api-builder-and-beyond/ Useful Links: SQLBits The original definition of REST Data API Builder documentation Data API Builder on GitHub on MS Learn samples docker Registry SQL Dev Path FusionCache Jerry on X (formerly known as Twitter) Podcast editing services provided by Matthew Bliss Music created by Mono Memory Music, licensed to RJJ Software for use in The Modern .NET Show Supporting the show: Leave a rating or review Buy the show a coffee Become a patron Getting in Touch: Via the contact page Joining the Discord Remember to rate and review the show on Apple Podcasts, Podchaser, or wherever you find your podcasts, this will help the show's audience grow. Or you can just share the show with a friend. And don't forget to reach out via our Contact page. We're very interested in your opinion of the show, so please get in touch. You can support the show by making a monthly donation on the show's Patreon page at: https://www.patreon.com/TheDotNetCorePodcast. Music created by Mono Memory Music, licensed to RJJ Software for use in The Modern .NET Show. Editing and post-production services for this episode were provided by MB Podcast Services.

A challenge in modern frontend application design is efficiently fetching and managing GraphQL data while keeping UI components responsive and maintainable. Developers often face issues like over-fetching, under-fetching, and handling complex query dependencies, which can lead to performance bottlenecks and increased development effort. Relay is a JavaScript framework developed by Meta for managing GraphQL data The post Rethinking GraphQL Frontends with Robert Balicki appeared first on Software Engineering Daily.

A challenge in modern frontend application design is efficiently fetching and managing GraphQL data while keeping UI components responsive and maintainable. Developers often face issues like over-fetching, under-fetching, and handling complex query dependencies, which can lead to performance bottlenecks and increased development effort. Relay is a JavaScript framework developed by Meta for managing GraphQL data The post Rethinking GraphQL Frontends with Robert Balicki appeared first on Software Engineering Daily.

Thank you to the folks at Sustain (https://sustainoss.org/) for providing the hosting account for CHAOSSCast! CHAOSScast – Episode 119 In this episode of CHAOSScast, we have a special episode from our friends at Sustain. Host Richard Littauer from Sustain is joined by guests Ben Nickolls and Andrew Nesbitt to discuss the ecosyste.ms project. They explore how ecosyste.ms collects and analyzes metadata from various open-source projects to create a comprehensive database that can help improve funding allocation. The discussion covers the importance of funding the most critical open-source projects, the existing gaps in funding, and the partnership between ecosyste.ms and Open Source Collective to create funding algorithms that support entire ecosystems. They also talk about the challenges of maintaining data, reaching out to project maintainers, and the broader implications for the open-source community. Hit the download button now! [00:03:16] Andrew and Ben explain ecosyste.ms, what it does, and how it compares to Libraries.io. [00:06:17] Ecosyste.ms tracks metadata, not the packages themselves, and enriches data via dependency graphs, committers, issues, SBOMs, and more. [00:08:12] Andrew talks about finding 1,890 Git hosts and how many critical projects live outside GitHub. [00:09:55] There's a conversation on metadata uses and SBOM parsing. [00:14:07] Richard inquires about the ecosystem.ms funds on their website which Andrew explains it's a collaboration between Open Collective and ecosyste.ms. that algorithmically distributes funds to the most used, not most popular packages. [00:17:03] Ben shares how this is different from previous projects and brings up a past project, “Back Your Stack” and explains how ecosyste.ms is doing two things differently. [00:20:17] Ben explains how it supports payouts to other platforms and encourages maintainers to adopt funding YAML files for automation. Andrew touches on efficient outreach, payout management, and API usage (GraphQL). [00:26:54] Ben elaborates on how companies can fund ecosyste.ms (like Django) instead of curating their own lists and being inspired by Sentry's work with the Open Source Pledge. [00:30:50] Andrew speaks about scaling and developer engagement and emphasizes their focus is on high-impact sustainability. [00:34:06] Richard asks, “Why does it matter?” Ben explains that most current funding goes to popular, not most used projects and ecosyste.ms aims to fix the gap with data backed funding, and he suggests use of open standards like 360Giving and Open Contracting Data. [00:37:04] Andrew shares his thoughts on funding the right projects by improving 1% of OSS, you uplift the quality of millions of dependent projects with healthier infrastructure, faster security updates, and more resilient software. [00:39:53] Find out where you can follow ecosyste.ms and the blog on the web. Quotes: [00:12:36] “I call them interesting forks. If a fork is referenced by a package, it'll get indexed.” [00:23:25] We've built a service that now moves like $25 million a year between OSS maintainers on OSC.” [00:34:41] “We don't have enough information to make collective decisions about which projects, communities, maintainers, should receive more funding.” [00:35:41] “The NSF POSE Program has distributed hundreds of millions of dollars of funding to open source communities alone.” [00:37:05] “If you have ten, twenty thousand really critical open source projects, that actually isn't unachievable to make those projects sustainable.” Spotlight: [00:40:53] Ben's spotlight is Jellyfin. [00:41:38]** **Andrew's spotlight is zizmor. [00:43:39] Richard's spotlight is The LaTeX Project. Panelist: Richard Littauer Guests: Ben Nickolls Andrew Nesbitt Links: CHAOSS (https://chaoss.community/) CHAOSS Project Twitter (https://twitter.com/chaossproj?lang=en) CHAOSScast Podcast (https://podcast.chaoss.community/) podcast@chaoss.community (mailto:podcast@chaoss.community) Alice Sowerby LinkedIn (https://www.linkedin.com/in/alice-sowerby-ba692a13/?originalSubdomain=uk) SustainOSS (https://sustainoss.org/) podcast@sustainoss.org (mailto:podcast@sustainoss.org) richard@sustainoss.org (mailto:richard@sustainoss.org) SustainOSS Discourse (https://discourse.sustainoss.org/) SustainOSS Mastodon (https://mastodon.social/tags/sustainoss) SustainOSS Bluesky (https://bsky.app/profile/sustainoss.bsky.social) SustainOSS LinkedIn (https://www.linkedin.com/company/sustainoss/) Open Collective-SustainOSS (Contribute) (https://opencollective.com/sustainoss) Richard Littauer Socials (https://www.burntfen.com/2023-05-30/socials) Ben Nickolls LinkedIn (https://www.linkedin.com/in/benjamuk/) Andrew Nesbitt Website (https://nesbitt.io/) Andrew Nesbitt Mastodon (https://mastodon.social/@andrewnez) Octobox (https://github.com/octobox) ecosyste.ms (https://ecosyste.ms/) ecosyste.ms Blog (https://blog.ecosyste.ms/) Open Source Collective (https://oscollective.org/) Open Source Collective Updates (https://opencollective.com/opensource/updates) Open Source Collective Contributions (https://opencollective.com/opensource) Open Source Collective Contributors (https://opencollective.com/open-source) Open Collective (https://opencollective.com/) 24 Pull Requests (https://24pullrequests.com/) Libraries.io (https://libraries.io/) The penumbra of open source (EPJ Data Science) (https://epjdatascience.springeropen.com/articles/10.1140/epjds/s13688-022-00345-7) FOSDEM '25- Open source funding: you're doing it wrong (Andrew and Ben) (https://fosdem.org/2025/schedule/event/fosdem-2025-5576-open-source-funding-you-re-doing-it-wrong/) Vue.js (https://vuejs.org/) thanks.dev (https://thanks.dev/home) StackAid (https://www.stackaid.us/) Back Your Stack (https://backyourstack.com/) NSF POSE (https://www.nsf.gov/funding/initiatives/pathways-enable-open-source-ecosystems) Django (https://www.djangoproject.com/) GitHub Sponsors (https://github.com/sponsors) Sustain Podcast-Episode 80: Emma Irwin and the Foss Fund Program (https://podcast.sustainoss.org/80) Sustain Podcast- 3 Episodes featuring Chad Whitacre (https://podcast.sustainoss.org/guests/chad-whitacre) Sustain Podcast- Episode 218: Karthik Ram & James Howison on Research Software Visibility Infrastructure Priorities (https://podcast.sustainoss.org/218) Sustain Podcast-Episode 247: Chad Whitacre on the Open Source Pledge (https://podcast.sustainoss.org/247) Invest in Open Infrastructure (https://investinopen.org/) 360Giving (https://www.360giving.org/) Open Contracting Data Standard (https://standard.open-contracting.org/latest/en/) Jellyfin (https://opencollective.com/jellyfin) zizmor (https://github.com/zizmorcore/zizmor) The LaTeX Project (https://www.latex-project.org/) Special Guests: Andrew Nesbitt, Benjamin Nickolls, and Richard Littauer.

Jens Neuse grew up in Germany, originally planning to be a carpenter. In his 2nd year as an apprentice, he was in a motorcycle wreck that thrust him into a process of surgery and healing. Eventually, he decided he wouldn't be doing carpentry, and got into sysadmin work. Once he got bored with this, he moved into startups, learned how to code, and starting digging into programming, API's and eventually - GraphQL federation. Outside of tech, he is married with 3 young kids. He loves to sit ski on the mountain - which is the coolest carbon fiber chair on a ski, where you steer with your knees and hips.After chasing building a better Apollo, Jens and his team ran into a point where their prior product and company was doomed to go under. When they accepted this fact, they started to think about what people actually wanted - and started to dig into the federation of GraphQL.This is the creation story of Wundergraph.SponsorsFull ScalePaddle.comSema SoftwarePropelAuthPostmanMeilisearchLinkshttps://wundergraph.com/https://www.linkedin.com/in/jens-neuse-706673195Support this podcast at — https://redcircle.com/code-story-insights-from-startup-tech-leaders/donationsAdvertising Inquiries: https://redcircle.com/brandsPrivacy & Opt-Out: https://redcircle.com/privacy

Today, the Elixir Wizards wrap up Season 14 “Enter the Elixirverse.” Dan, Charles, and Sundi look back at some common themes: Elixir plays well with others, bridges easily to access languages and tools, and remains a powerful technology for data flow, concurrency, and developer experience. We revisit the popular topics of the year, from types and tooling to AI orchestration and reproducible dev environments, and share what we're excited to explore next.   We also invite your questions and takeaways to help shape future seasons and conference conversations. Season 14 doubles as a handy primer for anyone curious about how Elixir integrates across the stack.   Key topics discussed in this episode:   * Lessons from a season of interoperability * Set-theoretic types and what new compiler warnings unlock * AI in practice: LLM orchestration, fallbacks, and real-world use * SDUI and GraphQL patterns for shipping UI across web/iOS/Android * Dataframes in Elixir with Explorer for analytics workflows * Python interoperability (ErlPort, PythonX) and when to reach for it * Reproducible dev environments with Nix and friends * Performance paths: Rustler and Zig for native extensions * Bluetooth & Nerves: Blue Heron and hardware integrations * DevEx upgrades: LiveView, build pipelines, and standard project setup * Observability and ops: Prometheus/Grafana and sensible deployments * Community feedback, conferences, and what's on deck for next season   Links mentioned in this episode: Cars.com S14E06 SDUI at Scale with Elixir https://youtu.be/nloRcgngTk?si=g4Zd4N1s56Ronrtw https://hexdocs.pm/phoenixliveview/Phoenix.LiveView.html https://wordpress.com/ https://elixir-lang.org/ S14E01 Zigler: Zig NIFs for Elixir https://youtu.be/hSAvWxh26TU?si=d55tVuZbNw0KCfT https://ziglang.org/ https://hexdocs.pm/zigler/Zig.html https://github.com/blue-heron/blueheron https://github.com/elixir-explorer/explorer S14E08 Nix for Elixir Apps https://youtu.be/yymUcgy4OAk?si=BRgTlc2VK5bsIhIf https://nixos.org/ https://nix.dev/ S14E07 Set Theoretic Types in Elixir https://youtu.be/qMmEnXcHxL4?si=Ux2lebiwEp3mc0e S14E10 Python in Elixir Apps https://youtu.be/SpVLrrWkRqE?si=ld3oQVXVlWHpo7eV https://www.python.org/ https://hexdocs.pm/pythonx/ https://github.com/Pyrlang/Pyrlang https://github.com/erlport/erlport S14E03 LangChain: LLM Integration for Elixir https://youtu.be/OwFaljL3Ptc?si=A0sDs2dzJ0UoE2PY https://github.com/brainlid/langchain S14E04 Nx & Machine Learning in Elixir https://youtu.be/Ju64kAMLlkw?si=zdVnkBTTLHvIZNBm S14E05 Rustler: Bridging Elixir and Rust https://youtu.be/2RBw7B9OfwE?si=aRVYOyxxW8fTmoRA https://github.com/rusterlium/rustler Season 3: Working with Elixir https://youtube.com/playlist?list=PLTDLmInI9YaDbhMRpGuYpboVNbp1Fl9PD&si=hbe7qt4gRUfrMtpj S14E11 Vibe Coding the LoopedIn Crochet App https://youtu.be/DX0SjmPE92g?si=zCBPjS1huRDIeVeP Season 5: Adopting Elixir  YouTubeLaunchisode and Outlaws Takeover with Chris Keathley, Amos King, and Anna Neyzberg S13E01 Igniter: Elixir Code Generation https://youtu.be/WM9iQlQSF_g?si=e0CAiML2qC2SxmdL Season 8: Elixir in a Polyglot Environment https://youtube.com/playlist?list=PLTDLmInI9YaAPlvMd-RDp6LWFjI67wOGN&si=YCI7WLA8qozD57iw !! We Want to Hear Your Thoughts *!!* Have questions, comments, or topics you'd like us to discuss on the podcast? Share your thoughts with us here: https://forms.gle/Vm7mcYRFDgsqqpDC9

For episode 590 of the BlockHash Podcast, host Brandon Zemp is joined by Jeff Handler, CCO of OpenTrade, an institutional-grade platform delivering real-world asset-backed yield on USDC, USDT, and EURC. ⏳ Timestamps: (0:00) Introduction(1:08) Who is Jeff Handler?(4:12) Importance of Yield-based Stablecoins(7:10) Typical clients(11:03) Stablecoin Yield use-cases in Colombia(15:22) Impact of the Genius Act(17:47) Future of RWAs in Finance(21:54) Onboarding for Clients(24:18) APIs & GraphQL(24:37) OpenTrade Roadmap(26:28) Events & Conferences(27:12) OpenTrade website & socials

### About the episode:Join Nataraj as he interviews Matt DeBergalis, CEO of Apollo GraphQL, about the evolution of GraphQL from an open-source project to a product company. Matt shares insights on building and scaling APIs, the challenges of transitioning open-source tech into a viable business, and how AI is reshaping API development. Discover how Apollo is helping companies of all sizes leverage GraphQL to build agentic experiences and modernize their API strategies.### What you'll learn- Understand the journey of GraphQL from open source to a product-driven company.- Explore the challenges of adopting and scaling GraphQL in enterprise environments.- Discover how GraphQL simplifies complex data combinations with its declarative language.- Learn how Apollo GraphQL helps companies accelerate the development of robust APIs.- Examine the role of GraphQL in building modern agentic experiences powered by AI.- Understand how to balance short-term shipping pressures with long-term architectural considerations.- Identify when GraphQL makes sense for a company based on its API size and consumption needs.- Discover how AI is driving increased API consumption and transforming user interfaces.### About the Guest and Host:Guest Name: Matt DeBergalis is the Co-founder and CEO of Apollo GraphQL, previously CTO and Co-founder at Meteor Development Group.Connect with Guest:→ LinkedIn: https://www.linkedin.com/in/debergalis/→ Website: https://www.apollographql.com/Nataraj: Host of the Startup Project podcast, Senior PM at Azure & Investor.→ LinkedIn: https://www.linkedin.com/in/natarajsindam/→ Twitter: https://x.com/natarajsindam→ Substack: ⁠https://startupproject.substack.com/⁠→ Website: ⁠⁠⁠https://thestartupproject.io⁠⁠⁠### In this episode, we cover(00:01) Introduction to Matt DeBergalis and Apollo GraphQL(00:37) Matt's journey and the origins of Apollo GraphQL(03:24) The transition from open source to a company(05:02) GraphQL as a client-focused API technology(07:22) Meta's approach to open source technologies(10:11) Challenges of converting open source to a business(13:11) Balancing shipping speed with architectural considerations(15:52) The risk of adopting the wrong technology(19:13) The evolution of full-stack development(23:57) When does adopting GraphQL make sense?(26:45) Apollo's customer scale and focus(31:48) Acquiring customers and marketing to developers(33:52) Matt's transition from CTO to CEO(37:02) Apollo's sales motion and target audience(40:24) Matt's thoughts on AI and its impact(47:12) How AI is changing business metricsDon't forget to subscribe and leave us a review/comment on YouTube Apple Spotify or wherever you listen to podcasts.#GraphQL #ApolloGraphQL #API #OpenSource #Enterprise #AI #AgenticAI #APIDevelopment #Startup #Technology #SoftwareDevelopment #GraphQLAdoption #Kubernetes #React #FullStack #DataAnalytics #Innovation #DigitalTransformation #TechStrategy #Podcast

In this episode of the TestGuild DevOps Toolchain Podcast, Joe Colantonio sits down with Matt DeBergalis, CEO of Apollo GraphQL, to explore how GraphQL is transforming the way teams build, ship, and scale applications. Matt shares his journey from open-source pioneer to leading one of the most widely adopted GraphQL platforms in the world—and why GraphQL is more relevant than ever in the age of AI, microservices, and agent-based applications. You'll discover: How GraphQL eliminates over-fetching, reduces technical debt, and accelerates feature delivery Why it's a natural fit for AI agents and future-ready architectures How it improves testing, observability, and security without forcing a backend rewrite Lessons from large-scale GraphQL implementations that every DevOps, QA, and platform engineering team should know Whether you're a developer, tester, or engineering leader, this conversation will give you practical insights to help you build faster, smarter, and with confidence. Try out SmartBear's Bugsnag for free, today. No credit card required: https://testguild.me/bugsnagfree

Nick Schrock is the founder of Dagster Labs, a data platform that helps you build, schedule, and monitor reliable data pipelines. They've raised $49M in funding from investors such as Sequoia, Index, Amplify, Slow, and 8VC. He is also the cocreator of the popular query language GraphQL. Nick's favorite books: The Great CEO Within (Author: Matt Mochary)(00:01) Introduction and Welcome(00:39) The Origins of GraphQL at Facebook(05:24) Explaining Data Orchestration in Plain English(09:03) What Dagster Is and Why It Matters(12:37) Assets vs. Tasks: A New Philosophy(16:51) Balancing Open Source and Commercial Features(22:18) Growing the Early Open Source Community(25:26) Signals of Community Health(27:59) Landing the First 10 Customers(32:25) Culture Shift: From Engineering-Heavy to Go-to-Market(37:49) Mistakes DevTool Founders Often Make(41:21) Selective Micromanagement and Leadership Style(44:36) Rapid Fire Round--------Where to find Nick Schrock: LinkedIn: https://www.linkedin.com/in/schrockn/--------Where to find Prateek Joshi: Newsletter: https://prateekjoshi.substack.com Website: https://prateekj.com LinkedIn: https://www.linkedin.com/in/prateek-joshi-infiniteX: https://x.com/prateekvjoshi 

For episode 583 of the BlockHash Podcast, host Brandon Zemp is joined by Stefan Avram, Co-founder and CCO of WunderGraph, the world’s most widely adopted open-source GraphQL Federation solution. ⏳ Timestamps: (0:00) Introduction(0:55) Who is Stefan Avram?(2:59) Tinder for Founders(3:26) What is Wundergraph?(5:20) GraphQL(5:52) Use-cases(7:44) Typical Customer(10:33) Expansion plan for Wundergraph(11:56) Tips & Advice to Founders(16:02) Wundergraph Roadmap(20:49) Wundergraph website, socials & community

The rise of AI agents is more than a tooling upgrade - it's a fundamental rewiring of the entire developer experience, with your APIs at the very center. We're joined by Matt DeBergalis, co-founder and then-CTO-now-CEO (congrats Matt!) of Apollo GraphQL, to explore this massive transformation. He introduces the emerging concept of "agent experience," explaining why systems built for human developers are not ready for the unprecedented scale of AI calling APIs.Matt argues that as the old rules of software development get re-evaluated, engineering leaders must rethink their entire stack. He presents a powerful analogy: a structured data layer like a graph is the perfect "left brain" for the "right brain" creativity of LLMs. This provides the semantic precision and guardrails needed for AI to act reliably, enabling a future where user experiences are personalized "to 11" and APIs become the core business asset. This conversation is a crucial guide for leaders on how to prepare by prioritizing higher-level system design, and why clear communication and architecture are becoming far more critical than handwriting code.Check out:The DevEx guide to AI-driven software developmentDownload: The 6 trends shaping the future of AI-driven development Follow the hosts:Follow BenFollow AndrewFollow today's guest(s):Explore Apollo GraphQL's graph infrastructure and MCP tooling: ApolloDevConnect with Matt on LinkedInConnect with Andrew Boyagi on LinkedInReferenced in today's show:Anthropic caps Claude Code usageOpenAI introduces study modeReady or not, age verification is rolling out across the internetAtlassian research: AI adoption is rising, but friction persistsSupport the show: Subscribe to our Substack Leave us a review Subscribe on YouTube Follow us on Twitter or LinkedIn Offers: Learn about Continuous Merge with gitStream Get your DORA Metrics free forever

Join our development team as we share real-world insights from recent API integration projects—including SharePoint, Shopify, QuickBooks, and Claris Connect. From handling authentication quirks to leveraging tools like Postman and n8n, this DevCast dives into the decisions, roadblocks, and solutions behind the systems we build. Whether you're navigating OAuth, working with REST vs. GraphQL, or exploring Claris Connect and workflow automation, there's something here for every FileMaker pro and API tinkerer.

Join our development team as we share real-world insights from recent API integration projects—including SharePoint, Shopify, QuickBooks, and Claris Connect. From handling authentication quirks to leveraging tools like Postman and n8n, this DevCast dives into the decisions, roadblocks, and solutions behind the systems we build. Whether you're navigating OAuth, working with REST vs. GraphQL, or exploring Claris Connect and workflow automation, there's something here for every FileMaker pro and API tinkerer.

#306: In this episode of DevOps Paradox, we delve into the role of GraphQL in modern APIs with guest Sophia Willows from Rye. They discuss the pros and cons of using GraphQL versus REST and gRPC, highlighting the efficiencies and complexities each brings to API development, especially in developer tools. They tackle common misconceptions and usage pitfalls of GraphQL, offering valuable insights into its optimal application. Sophia explains the rationale behind Rye's choice of GraphQL for public-facing APIs while opting for REST and gRPC for internal microservices, reflecting on the trade-offs between performance and flexibility. The episode also touches on the evolution of API standards and speculations on potential future innovations.   Sophia's contact information: LinkedIn: https://www.linkedin.com/in/sophia-willows/   YouTube channel: https://youtube.com/devopsparadox   Review the podcast on Apple Podcasts: https://www.devopsparadox.com/review-podcast/   Slack: https://www.devopsparadox.com/slack/   Connect with us at: https://www.devopsparadox.com/contact/

Zack Kayser, Staff Software Engineer at cars.com, joins Elixir Wizards Sundi Myint and Charles Suggs to discuss how Cars.com adopted a server-driven UI (SDUI) architecture powered by Elixir and GraphQL to deliver consistent, updatable interfaces across web, iOS, and Android. We explore why SDUI matters for feature velocity, how a mature design system and schema planning make it feasible, and what it takes, culturally and technically, to move UI logic from client code into a unified backend. Key topics discussed in this episode: SDUI fundamentals and how it differs from traditional server-side rendering GraphQL as the single source of truth for UI components and layouts Defining abstract UI components on the server to eliminate duplicate logic Leveraging a robust design system as the foundation for SDUI success API-first development and cross-team coordination for schema changes Mock data strategies for early UI feedback without breaking clients Handling breaking changes and hot-fix deployments via server-side updates Enabling flexible layouts and A/B testing through server-controlled ordering Balancing server-driven vs. client-managed UI Iterative SDUI rollout versus “big-bang” migrations in large codebases Using type specs and Dialyxir for clear cross-team communication Integration testing at the GraphQL layer to catch UI regressions early Quality engineering's role in validating server-driven interfaces Production rollback strategies across web and native platforms Considerations for greenfield projects adopting SDUI from day one Zack and Ethan's upcoming Instrumenting Elixir Apps book Links mentioned: https://cars.com https://github.com/absinthe-graphql/absinthe Telemetry & Observability for Elixir Apps Ep: https://youtu.be/1V2xEPqqCso https://www.phoenixframework.org/blog/phoenix-liveview-1.0-released https://hexdocs.pm/phoenixliveview/assigns-eex.html https://graphql.org/ https://tailwindcss.com/ https://github.com/jeremyjh/dialyxir https://github.com/rrrene/credo GraphQL Schema https://graphql.org/learn/schema/ SwiftUI https://developer.apple.com/documentation/swiftui/  Kotlin https://kotlinlang.org/ https://medium.com/airbnb-engineering/a-deep-dive-into-airbnbs-server-driven-ui-system-842244c5f5 Zack's Twitter: https://x.com/kayserzl/ Zack's LinkedIn: https://www.linkedin.com/in/zack-kayser-93b96b88  Special Guest: Zack Kayser.

API First - это просто! Просто садимся и делаем крутой API: универсальный, изящный, дико сложный в реализации и абсолютно бесполезный для использования! А как бы так, чтобы без последних двух пунктов?Спасибо всем, кто нас слушает. Ждем Ваши комментарии.Музыка из выпуска: - https://artists.landr.com/056870627229- https://t.me/angry_programmer_screamsВесь плейлист курса "Kubernetes для DotNet разработчиков": https://www.youtube.com/playlist?list=PLbxr_aGL4q3SrrmOzzdBBsdeQ0YVR3Fc7Бесплатный открытый курс "Rust для DotNet разработчиков": https://www.youtube.com/playlist?list=PLbxr_aGL4q3S2iE00WFPNTzKAARURZW1ZShownotes: 00:00:00 Вступление00:05:00 Кто должен разрабатывать спеку API?00:18:30 Spec First vs Code First vs ...00:22:30 Когда спеки не сходятся00:24:30 Ревью спеки00:30:50 Красивая API, которая никому не нужна00:33:30 Backend 4 Frontend00:45:00 Баланс согласования00:49:25 API as a product00:57:50 Регрессия01:03:20 GraphQL, OData01:19:30 Тестирование моками01:21:05 Версионирование API01:31:30 Как рекламировать спеки, витрина API01:34:00 Open Close Principle для API01:36:00 Безопасность01:39:15 API экономикаСсылки:- https://swagger.io/resources/articles/adopting-an-api-first-approach/ : Неплохая статья- https://github.com/OpenAPITools/openapi-generator : То что заставит всех использовать спеку! Видео: https://youtube.com/live/p_KIy8rTWRs Слушайте все выпуски: https://dotnetmore.mave.digitalYouTube: https://www.youtube.com/playlist?list=PLbxr_aGL4q3R6kfpa7Q8biS11T56cNMf5Twitch: https://www.twitch.tv/dotnetmoreОбсуждайте:- Telegram: https://t.me/dotnetmore_chatСледите за новостями:– Twitter: https://twitter.com/dotnetmore– Telegram channel: https://t.me/dotnetmoreCopyright: https://creativecommons.org/licenses/by-sa/4.0/

Karl and Taylor share their experiences from Editions.dev conference, diving into app development insights, Shopify transitions, and the power of community networking. They discuss APIs, GraphQL, memorable conference food, and reflect on the ever-evolving tech industry. This episode covers the entire Editions.dev WEEK experience.Timestamps00:00 - Personal Anecdotes and Parenting Fails02:27 - Conference Experiences and Networking07:24 - Food Adventures and Family Life07:31 - Personal Life Adjustments10:14 - Camping Adventures and Family Time13:38 - Children's Activities and Parenting Challenges18:12 - Work Updates and App Development Challenges29:47 - Reflections on Editions.dev and Networking30:51 - Tectonic Event Highlights34:02 - Food and Networking Experiences37:24 - Insights from Speakers and Talks41:24 - Approaching Conferences with a New Mindset42:38 - Day of the Editions Party48:30 - Navigating the Event and Meeting New People54:26 - Reflections on Food and Social Interactions57:51 - The Perfect Team: Collaboration and Resource Sharing58:55 - Exciting Workshops and Talks01:00:04 - Community Engagement: Awards and Recognition01:00:59 - Interactive Learning: Round Tables and AMAs01:01:50 - The Future of Shopping: AI and Omni-Channel Strategies01:04:24 - Networking and Community Value01:06:24 - Quality Content Creation: Interviews and Video Production01:09:19 - Engaging with Industry Leaders01:28:49 - Shopify Editions: New Releases and Innovations01:35:47 - Picks of the weekResourcesShopify Editions Summer '25: shopify.com/editions/summer2025Driving Game Breakdown: x.com/tobi/status/1933176858985771367Editions.dev video playlist - https://www.youtube.com/watch?v=-oWo6Krbv6s&list=PLvQF73bM4-5Wr_LdFZkrXqD9hpGhl8pjoPicks of the WeekKarl: Studio GhibliTaylor: Nintendo Switch and Nintendo 64 subscriptionSubscribe to Liquid WeeklyGet expert insights and tips delivered to your inbox: liquidweekly.com

Our beloved former host, Jay Bell, stopped by this week to share what he's learned about using GraphQL to speed up development and keep code quality on point. Always a blast having him back!https://graphql.org/learn/https://www.apollographql.com/https://the-guild.dev/More about Jay: Bluesky: @jaycooperbell.dev‬LinkedIn: Jay BellX: @JayCooperBelltrellis.orghttps://graphql.org/learn/https://www.apollographql.com/https://the-guild.dev/ Follow us onX: The Angular Plus ShowBluesky: @theangularplusshow.bsky.social  The Angular Plus Show is a part of ng-conf. ng-conf is a multi-day Angular conference focused on delivering the highest quality training in the Angular JavaScript framework. Developers from across the globe converge  every year to attend talks and workshops by the Angular team and community experts.Join: http://www.ng-conf.org/Attend: https://ti.to/ng-conf/2025Follow: https://twitter.com/ngconf             https://www.linkedin.com/company/ng-conf             https://bsky.app/profile/ng-conf.bsky.social             https://www.facebook.com/ngconfofficialRead: https://medium.com/ngconfWatch: https://www.youtube.com/@ngconfonline  Edited by Patrick Hayes https://www.spoonfulofmedia.com/ Stock media provided by JUQBOXMUSIC/ Pond5

Send us a textCybersecurity vulnerabilities continue to emerge in unexpected places, as evidenced by the recent Iranian-backed attacks on U.S. water treatment facilities through poorly secured Unitronics PLCs. This alarming development sets the stage for our deep dive into API security - a critical yet often overlooked aspect of modern cybersecurity strategy.APIs form the connective tissue of our digital world, enabling seamless communication between different software systems. However, this interconnectivity creates numerous potential entry points for attackers. From RESTful APIs with their statelessness to enterprise-focused SOAP protocols and the newer GraphQL systems, each implementation brings unique security challenges that must be addressed proactively.We explore the most common API security threats facing organizations today: injection attacks that exploit poorly coded interfaces, broken authentication mechanisms that enable unauthorized access, sensitive data exposure through improper configurations, and man-in-the-middle attacks that intercept communications. Understanding these threats is just the beginning - implementing robust countermeasures is where real security happens.Authentication and access controls form the foundation of API security. OAuth, OpenID Connect, and token-based authentication systems provide powerful protection when implemented correctly. However, token management practices - including secure storage, proper revocation procedures, and regular refreshing - are equally critical yet frequently overlooked components of a comprehensive security strategy.API gateways emerge as perhaps the most valuable security control in your arsenal. Acting as centralized checkpoints, they provide enhanced visibility, consistent authentication enforcement, traffic throttling capabilities, and simplified management across numerous API connections. Cloud-based API gateways from major providers offer scalability and robust features that on-premises solutions struggle to match.Beyond the technical controls, we discuss the human element of API security. The most secure implementations balance protection with functionality while fostering collaboration between security professionals and developers. As I emphasize throughout the episode, effective security isn't about forcing compliance - it's about building bridges of understanding between teams with different expertise.Ready to strengthen your API security posture or prepare for your CISSP exam? Visit cisspcybertraining.com for free questions, comprehensive courseware, and a proven blueprint for certification success.Gain exclusive access to 360 FREE CISSP Practice Questions delivered directly to your inbox! Sign up at FreeCISSPQuestions.com and receive 30 expertly crafted practice questions every 15 days for the next 6 months—completely free! Don't miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!

Jack Herrington, podcaster, software engineer, writer and YouTuber, joins the pod to uncover the truth behind server functions and why they don't actually exist in the web platform. We dive into the magic behind frameworks like Next.js, TanStack Start, and Remix, breaking down how server functions work, what they simplify, what they hide, and what developers need to know to build smarter, faster, and more secure web apps. Links YouTube: https://www.youtube.com/@jherr Twitter: https://x.com/jherr Github: https://github.com/jherr ProNextJS: https://www.pronextjs.dev Discord: https://discord.com/invite/KRVwpJUG6p LinkedIn: https://www.linkedin.com/in/jherr Website: https://jackherrington.com Resources Server Functions Don't Exist (It Matters) (https://www.youtube.com/watch?v=FPJvlhee04E) We want to hear from you! How did you find us? Did you see us on Twitter? In a newsletter? Or maybe we were recommended by a friend? Let us know by sending an email to our producer, Em, at emily.kochanek@logrocket.com (mailto:emily.kochanek@logrocket.com), or tweet at us at PodRocketPod (https://twitter.com/PodRocketpod). Follow us. Get free stickers. Follow us on Apple Podcasts, fill out this form (https://podrocket.logrocket.com/get-podrocket-stickers), and we'll send you free PodRocket stickers! What does LogRocket do? LogRocket provides AI-first session replay and analytics that surfaces the UX and technical issues impacting user experiences. Start understanding where your users are struggling by trying it for free at LogRocket.com. Try LogRocket for free today. (https://logrocket.com/signup/?pdr) Special Guest: Jack Herrington.

Whether or not you work in a technical role, you've probably heard of APIs! But what exactly are APIs? In this episode, we explain what an API is, what they are used for, and how HTTP comes into it. Finally, we finish up by giving a brief overview of the different API protocols out there - from REST, to SOAP, to GraphQL! And in true Hot Girls Code style, we bring the tech to life with fun, relatable analogies featuring two of our favourite spots: restaurants and makeup stores.New episodes come out fortnightly on Wednesday morning (NZT).Where to Find Us: ⁠Instagram⁠ ⁠Tik Tok The Hot Girls Code Website⁠Sponsored by:Trade Me

Guests Ben Nickolls | Andrew Nesbitt Panelist Richard Littauer Show Notes In this episode of Sustain, host Richard is joined by guests Ben Nickolls and Andrew Nesbitt to discuss the ecosyste.ms project. They explore how ecosyste.ms collects and analyzes metadata from various open-source projects to create a comprehensive database that can help improve funding allocation. The discussion covers the importance of funding the most critical open-source projects, the existing gaps in funding, and the partnership between ecosyste.ms and Open Source Collective to create funding algorithms that support entire ecosystems. They also talk about the challenges of maintaining data, reaching out to project maintainers, and the broader implications for the open-source community. Hit the download button now! [00:01:58] Andrew and Ben explain ecosyste.ms, what it does, and how it compares to Libraries.io. [00:04:59] Ecosyste.ms tracks metadata, not the packages themselves, and enriches data via dependency graphs, committers, issues, SBOMs, and more. [00:06:54] Andrew talks about finding 1,890 Git hosts and how many critical projects live outside GitHub. [00:08:37] There's a conversation on metadata uses and SBOM parsing. [00:12:49] Richard inquires about the ecosystem.ms funds on their website which Andrew explains it's a collaboration between Open Collective and ecosyste.ms. that algorithmically distributes funds to the most used, not most popular packages. [00:15:45] Ben shares how this is different from previous projects and brings up a past project, “Back Your Stack” and explains how ecosyste.ms is doing two things differently. [00:18:59] Ben explains how it supports payouts to other platforms and encourages maintainers to adopt funding YAML files for automation. Andrew touches on efficient outreach, payout management, and API usage (GraphQL). [00:25:36] Ben elaborates on how companies can fund ecosyste.ms (like Django) instead of curating their own lists and being inspired by Sentry's work with the Open Source Pledge. [00:29:32] Andrew speaks about scaling and developer engagement and emphasizes their focus is on high-impact sustainability. [00:32:48] Richard asks, “Why does it matter?” Ben explains that most current funding goes to popular, not most used projects and ecosyste.ms aims to fix the gap with data backed funding, and he suggests use of open standards like 360Giving and Open Contracting Data. [00:35:46] Andrew shares his thoughts on funding the right projects by improving 1% of OSS, you uplift the quality of millions of dependent projects with healthier infrastructure, faster security updates, and more resilient software. [00:38:35] Find out where you can follow ecosyste.ms and the blog on the web. Quotes [00:11:18] “I call them interesting forks. If a fork is referenced by a package, it'll get indexed.” [00:22:07] We've built a service that now moves like $25 million a year between OSS maintainers on OSC.” [00:33:23] “We don't have enough information to make collective decisions about which projects, communities, maintainers, should receive more funding.” [00:34:23] “The NSF POSE Program has distributed hundreds of millions of dollars of funding to open source communities alone.” [00:35:47] “If you have ten, twenty thousand really critical open source projects, that actually isn't unachievable to make those projects sustainable.” Spotlight [00:39:35] Ben's spotlight is Jellyfin. [00:40:20] Andrew's spotlight is zizmor. [00:42:21] Richard's spotlight is The LaTeX Project. Links SustainOSS (https://sustainoss.org/) podcast@sustainoss.org (mailto:podcast@sustainoss.org) richard@sustainoss.org (mailto:richard@sustainoss.org) SustainOSS Discourse (https://discourse.sustainoss.org/) SustainOSS Mastodon (https://mastodon.social/tags/sustainoss) SustainOSS Bluesky (https://bsky.app/profile/sustainoss.bsky.social) SustainOSS LinkedIn (https://www.linkedin.com/company/sustainoss/) Open Collective-SustainOSS (Contribute) (https://opencollective.com/sustainoss) Richard Littauer Socials (https://www.burntfen.com/2023-05-30/socials) Ben Nickolls LinkedIn (https://www.linkedin.com/in/benjamuk/) Andrew Nesbitt Website (https://nesbitt.io/) Andrew Nesbitt Mastodon (https://mastodon.social/@andrewnez) Octobox (https://github.com/octobox) ecosyste.ms (https://ecosyste.ms/) ecosyste.ms Blog (https://blog.ecosyste.ms/) Open Source Collective (https://oscollective.org/) Open Source Collective Updates (https://opencollective.com/opensource/updates) Open Source Collective Contributions (https://opencollective.com/opensource) Open Source Collective Contributors (https://opencollective.com/open-source) Open Collective (https://opencollective.com/) 24 Pull Requests (https://24pullrequests.com/) Libraries.io (https://libraries.io/) The penumbra of open source (EPJ Data Science) (https://epjdatascience.springeropen.com/articles/10.1140/epjds/s13688-022-00345-7) FOSDEM '25- Open source funding: you're doing it wrong (Andrew and Ben) (https://fosdem.org/2025/schedule/event/fosdem-2025-5576-open-source-funding-you-re-doing-it-wrong/) Vue.js (https://vuejs.org/) thanks.dev (https://thanks.dev/home) StackAid (https://www.stackaid.us/) Back Your Stack (https://backyourstack.com/) NSF POSE (https://www.nsf.gov/funding/initiatives/pathways-enable-open-source-ecosystems) Django (https://www.djangoproject.com/) GitHub Sponsors (https://github.com/sponsors) Sustain Podcast-Episode 80: Emma Irwin and the Foss Fund Program (https://podcast.sustainoss.org/80) Sustain Podcast- 3 Episodes featuring Chad Whitacre (https://podcast.sustainoss.org/guests/chad-whitacre) Sustain Podcast- Episode 218: Karthik Ram & James Howison on Research Software Visibility Infrastructure Priorities (https://podcast.sustainoss.org/218) Sustain Podcast-Episode 247: Chad Whitacre on the Open Source Pledge (https://podcast.sustainoss.org/247) Invest in Open Infrastructure (https://investinopen.org/) 360Giving (https://www.360giving.org/) Open Contracting Data Standard (https://standard.open-contracting.org/latest/en/) Jellyfin (https://opencollective.com/jellyfin) zizmor (https://github.com/zizmorcore/zizmor) The LaTeX Project (https://www.latex-project.org/) Credits Produced by Richard Littauer (https://www.burntfen.com/) Edited by Paul M. Bahr at Peachtree Sound (https://www.peachtreesound.com/) Show notes by DeAnn Bahr Peachtree Sound (https://www.peachtreesound.com/) Special Guests: Andrew Nesbitt and Benjamin Nickolls.

Swimming against the current sometimes leads to unexpected treasures. In this fascinating conversation, Adam Fortuna reveals how migrating Hardcover—a social network for readers with 30,000 users—from Next.js back to Ruby on Rails delivered surprising performance improvements and development simplicity.The journey begins with Adam explaining how Hardcover originated as a response to Goodreads shutting down their API. As a longtime Rails developer who initially chose Next.js for its server-side rendering capabilities, Adam found himself drawn back to Rails once modern tools made it viable to combine Rails' backend strengths with React's frontend interactivity. The migration wasn't a complete rewrite—they preserved their React components while replacing GraphQL with ActiveRecord—and unexpectedly saw significant improvements in page load speeds and SEO rankings.At the heart of this technical evolution is Inertia.js, which Adam describes as "the missing piece for Rails for a long time." This elegant solution allows direct connections between Rails controllers and React components without duplicating routes, creating a seamless developer experience. We dive into the challenges they faced, particularly with generating Open Graph images and handling API abuse, and how they solved these problems with pragmatic hybrid approaches.The conversation takes an exciting turn as Adam discusses their work on book recommendation engines, combining collaborative filtering with content analysis to help readers discover their next favorite book. As someone currently enjoying the Dungeon Crawler Carl series (described as "RPG mixed with Hitchhiker's Guide"), Adam's passion for both books and elegant technical solutions shines throughout.Listen in as we explore how going against conventional wisdom sometimes leads to better outcomes, and discover why Hardcover is now being open-sourced to invite community collaboration. Whether you're interested in Rails, JavaScript frameworks, or book recommendations, this episode offers valuable insights into making technical decisions based on real-world results rather than following trends.Linkshttps://hardcover.app/blog/part-1-how-we-fell-out-of-love-with-next-js-and-back-in-love-with-ruby-on-rails-inertia-jshttps://adamfortuna.com/https://bsky.app/profile/adamfortuna.comSend us some love.HoneybadgerHoneybadger is an application health monitoring tool built by developers for developers.JudoscaleAutoscaling that actually works. Take control of your cloud hosting.Disclaimer: This post contains affiliate links. If you make a purchase, I may receive a commission at no extra cost to you.Support the show

Episode SummaryJeremy Snyder is the co-founder and CEO of FireTail, a company that enables organizations to adopt AI safely without sacrificing speed or innovation. In this conversation, Jeremy shares his deep expertise in API and AI security, highlighting the second wave of cloud adoption and his pivotal experiences at AWS during key moments in its growth from startup onwards.Show NotesIn this episode of The Secure Developer, host Danny Allan sits down with Jeremy Snyder, the Co-founder and CEO of FireTail, to unravel the complexities of API security and explore its critical intersection with the burgeoning field of Artificial Intelligence. Jeremy brings a wealth of experience, tracing his journey from early days in computational linguistics and IT infrastructure, through a pivotal period at AWS during its startup phase, to eventually co-founding FireTail to address the escalating challenges in API security driven by modern, decoupled software architectures.The conversation dives deep into the common pitfalls and crucial best practices for securing APIs. Jeremy clearly distinguishes between authentication (verifying identity) and authorization (defining permissions), emphasizing that failures in authorization are a leading cause of API-related data breaches. He sheds light on vulnerabilities like Broken Object-Level Authorization (BOLA), explaining how seemingly innocuous practices like using sequential integer IDs can expose entire datasets if server-side checks are missed. The discussion also touches on the discoverability of backend APIs and the persistent challenges surrounding multi-factor authentication, including the human element in security weaknesses like SIM swapping.Looking at current trends, Jeremy shares insights from FireTail's ongoing research, including their annual "State of API Security" report, which has uncovered novel attack vectors such as attempts to deploy malware via API calls. A significant portion of the discussion focuses on the new frontier of AI security, where APIs serve as the primary conduit for interaction—and potential exploitation. Jeremy details how AI systems and LLM integrations introduce new risks, citing a real-world example of how a vulnerability in an AI's web crawler API could be leveraged for DDoS attacks. He speculates on the future evolution of APIs, suggesting that technologies like GraphQL might become more prevalent to accommodate the non-deterministic and data-hungry nature of AI agents. Despite the evolving threats, Jeremy concludes with an optimistic view, noting that the gap between business adoption of new technologies and security teams' responses is encouragingly shrinking, leading to more proactive and integrated security practices.LinksFireTailRapid7Snyk - The Developer Security Company Follow UsOur WebsiteOur LinkedIn

React Core team member Dan Abramov joins us to explore "JSX over the wire" and the evolving architecture of React Server Components. We dive into the shift from traditional REST APIs to screen-specific data shaping, the concept of Backend for Frontend (BFF), and why centering UI around the user experience—not server/client boundaries—matters more than ever. Links https://danabra.mov https://github.com/gaearon https://bsky.app/profile/danabra.mov https://overreacted.io https://www.youtube.com/@danabramov Resources JSX Over The Wire: https://overreacted.io/jsx-over-the-wire/ Impossible Components: https://overreacted.io/impossible-components/ What Does "use client" Do?: https://overreacted.io/what-does-use-client-do/ Our Journey With Caching: https://nextjs.org/blog/our-journey-with-caching https://parceljs.org https://nextjs.org/docs/app We want to hear from you! How did you find us? Did you see us on Twitter? In a newsletter? Or maybe we were recommended by a friend? Let us know by sending an email to our producer, Emily, at emily.kochanekketner@logrocket.com (mailto:emily.kochanekketner@logrocket.com), or tweet at us at PodRocketPod (https://twitter.com/PodRocketpod). Follow us. Get free stickers. Follow us on Apple Podcasts, fill out this form (https://podrocket.logrocket.com/get-podrocket-stickers), and we'll send you free PodRocket stickers! What does LogRocket do? LogRocket provides AI-first session replay and analytics that surfaces the UX and technical issues impacting user experiences. Start understand where your users are struggling by trying it for free at [LogRocket.com]. Try LogRocket for free today.(https://logrocket.com/signup/?pdr) Special Guest: Dan Abramov.

We are happy to announce that there will be a dedicated MCP track at the 2025 AI Engineer World's Fair, taking place Jun 3rd to 5th in San Francisco, where the MCP core team and major contributors and builders will be meeting. Join us and apply to speak or sponsor!When we first wrote Why MCP Won, we had no idea how quickly it was about to win.In the past 4 weeks, OpenAI and now Google have now announced the MCP support, effectively confirming our prediction that MCP was the presumptive winner of the agent standard wars. MCP has now overtaken OpenAPI, the incumbent option and most direct alternative, in GitHub stars (3 months ahead of conservative trendline):We have explored the state of MCP at AIE (now the first ever >100k views workshop):And since then, we've added a 7th reason why MCP won - this team acts very quickly on feedback, with the 2025-03-26 spec update adding support for stateless/resumable/streamable HTTP transports, and comprehensive authz capabilities based on OAuth 2.1.This bodes very well for the future of the community and project. For protocol and history nerds, we also asked David and Justin to tell the origin story of MCP, which we leave to the reader to enjoy (you can also skim the transcripts, or, the changelogs of a certain favored IDE). It's incredible the impact that individual engineers solving their own problems can have on an entire industry.Full video episodeLike and subscribe on YouTube!Show Links* David* Justin* MCP* Why MCP WonTimestamps* 00:00 Introduction and Guest Welcome* 00:37 What is MCP?* 02:00 The Origin Story of MCP* 05:18 Development Challenges and Solutions* 08:06 Technical Details and Inspirations* 29:45 MCP vs Open API* 32:48 Building MCP Servers* 40:39 Exploring Model Independence in LLMs* 41:36 Building Richer Systems with MCP* 43:13 Understanding Agents in MCP* 45:45 Nesting and Tool Confusion in MCP* 49:11 Client Control and Tool Invocation* 52:08 Authorization and Trust in MCP Servers* 01:01:34 Future Roadmap and Stateless Servers* 01:10:07 Open Source Governance and Community Involvement* 01:18:12 Wishlist and Closing RemarksTranscriptAlessio [00:00:02]: Hey, everyone. Welcome back to Latent Space. This is Alessio, partner and CTO at Decibel, and I'm joined by my co-host Swyx, founder of Small AI.swyx [00:00:10]: Hey, morning. And today we have a remote recording, I guess, with David and Justin from Anthropic over in London. Welcome. Hey, good You guys have created a storm of hype because of MCP, and I'm really glad to have you on. Thanks for making the time. What is MCP? Let's start with a crisp what definition from the horse's mouth, and then we'll go into the origin story. But let's start off right off the bat. What is MCP?Justin/David [00:00:43]: Yeah, sure. So Model Context Protocol, or MCP for short, is basically something we've designed to help AI applications extend themselves or integrate with an ecosystem of plugins, basically. The terminology is a bit different. We use this client-server terminology, and we can talk about why that is and where that came from. But at the end of the day, it really is that. It's like extending and enhancing the functionality of AI application.swyx [00:01:05]: David, would you add anything?Justin/David [00:01:07]: Yeah, I think that's actually a good description. I think there's like a lot of different ways for how people are trying to explain it. But at the core, I think what Justin said is like extending AI applications is really what this is about. And I think the interesting bit here that I want to highlight, it's AI applications and not models themselves that this is focused on. That's a common misconception that we can talk about a bit later. But yeah. Another version that we've used and gotten to like is like MCP is kind of like the USB-C port of AI applications and that it's meant to be this universal connector to a whole ecosystem of things.swyx [00:01:44]: Yeah. Specifically, an interesting feature is, like you said, the client and server. And it's a sort of two-way, right? Like in the same way that said a USB-C is two-way, which could be super interesting. Yeah, let's go into a little bit of the origin story. There's many people who've tried to make statistics. There's many people who've tried to build open source. I think there's an overall, also, my sense is that Anthropic is going hard after developers in the way that other labs are not. And so I'm also curious if there was any external influence or was it just you two guys just in a room somewhere riffing?Justin/David [00:02:18]: It is actually mostly like us two guys in a room riffing. So this is not part of a big strategy. You know, if you roll back time a little bit and go into like July 2024. I was like, started. I started at Anthropic like three months earlier or two months earlier. And I was mostly working on internal developer tooling, which is what I've been doing for like years and years before. And as part of that, I think there was an effort of like, how do I empower more like employees at Anthropic to use, you know, to integrate really deeply with the models we have? Because we've seen these, like, how good it is, how amazing it will become even in the future. And of course, you know, just dogfoot your own model as much as you can. And as part of that. From my development tooling background, I quickly got frustrated by the idea that, you know, on one hand side, I have Cloud Desktop, which is this amazing tool with artifacts, which I really enjoyed. But it was very limited to exactly that feature set. And it was there was no way to extend it. And on the other hand side, I like work in IDEs, which could greatly like act on like the file system and a bunch of other things. But then they don't have artifacts or something like that. And so what I constantly did was just copy. Things back and forth on between Cloud Desktop and the IDE, and that quickly got me, honestly, just very frustrated. And part of that frustration wasn't like, how do I go and fix this? What, what do we need? And back to like this development developer, like focus that I have, I really thought about like, well, I know how to build all these integrations, but what do I need to do to let these applications let me do this? And so it's very quickly that you see that this is clearly like an M times N problem. Like you have multiple like applications. And multiple integrations you want to build and like, what that is better there to fix this than using a protocol. And at the same time, I was actually working on an LSP related thing internally that didn't go anywhere. But you put these things together in someone's brain and let them wait for like a few weeks. And out of that comes like the idea of like, let's build some, some protocol. And so back to like this little room, like it was literally just me going to a room with Justin and go like, I think we should build something like this. Uh, this is a good idea. And Justin. Lucky for me, just really took an interest in the idea, um, and, and took it from there to like, to, to build something, together with me, that's really the inception story is like, it's us to, from then on, just going and building it over, over the course of like, like a month and a half of like building the protocol, building the first integration, like Justin did a lot of the, like the heavy lifting of the first integrations in cloud desktop. I did a lot of the first, um, proof of concept of how this can look like in an IDE. And if you, we could talk about like some of. All the tidbits you can find way before the inception of like before the official release, if you were looking at the right repositories at the right time, but there you go. That's like some of the, the rough story.Alessio [00:05:12]: Uh, what was the timeline when, I know November 25th was like the official announcement date. When did you guys start working on it?Justin/David [00:05:19]: Justin, when did we start working on that? I think it, I think it was around July. I think, yeah, I, as soon as David pitched this initial idea, I got excited pretty quickly and we started working on it, I think. I think almost immediately after that conversation and then, I don't know, it was a couple, maybe a few months of, uh, building the really unrewarding bits, if we're being honest, because for, for establishing something that's like this communication protocol has clients and servers and like SDKs everywhere, there's just like a lot of like laying the groundwork that you have to do. So it was a pretty, uh, that was a pretty slow couple of months. But then afterward, once you get some things talking over that wire, it really starts to get exciting and you can start building. All sorts of crazy things. And I think this really came to a head. And I don't remember exactly when it was, maybe like approximately a month before release, there was an internal hackathon where some folks really got excited about MCP and started building all sorts of crazy applications. I think the coolest one of which was like an MCP server that can control a 3d printer or something. And so like, suddenly people are feeling this power of like cloud connecting to the outside world in a really tangible way. And that, that really added some, uh, some juice to us and to the release.Alessio [00:06:32]: Yeah. And we'll go into the technical details, but I just want to wrap up here. You mentioned you could have seen some things coming if you were looking in the right places. We always want to know what are the places to get alpha, how, how, how to find MCP early.Justin/David [00:06:44]: I'm a big Zed user. I liked the Zed editor. The first MCP implementation on an IDE was in Zed. It was written by me and it was there like a month and a half before the official release. Just because we needed to do it in the open because it's an open source project. Um, and so it was, it was not, it was named slightly differently because we. We were not set on the name yet, but it was there.swyx [00:07:05]: I'm happy to go a little bit. Anthropic also had some preview of a model with Zed, right? Some kind of fast editing, uh, model. Um, uh, I, I'm con I confess, you know, I'm a cursor windsurf user. Haven't tried Zed. Uh, what's, what's your, you know, unrelated or, you know, unsolicited two second pitch for, for Zed. That's a good question.Justin/David [00:07:28]: I, it really depends what you value in editors. For me. I, I wouldn't even say I like, I love Zed more than others. I like them all like complimentary in, in a way or another, like I do use windsurf. I do use Zed. Um, but I think my, my main pitch for Zed is low latency, super smooth experience editor with a decent enough AI integration.swyx [00:07:51]: I mean, and maybe, you know, I think that's, that's all it is for a lot of people. Uh, I think a lot of people obviously very tied to the VS code paradigm and the extensions that come along with it. Okay. So I wanted to go back a little bit. You know, on, on, on some of the things that you mentioned, Justin, uh, which was building MCP on paper, you know, obviously we only see the end result. It just seems inspired by LSP. And I, I think both of you have acknowledged that. So how much is there to build? And when you say build, is it a lot of code or a lot of design? Cause I felt like it's a lot of design, right? Like you're picking JSON RPC, like how much did you base off of LSP and, and, you know, what, what, what was the sort of hard, hard parts?Justin/David [00:08:29]: Yeah, absolutely. I mean, uh, we, we definitely did take heavy inspiration from LSP. David had much more prior experience with it than I did working on developer tools. So, you know, I've mostly worked on products or, or sort of infrastructural things. LSP was new to me. But as a, as a, like, or from design principles, it really makes a ton of sense because it does solve this M times N problem that David referred to where, you know, in the world before LSP, you had all these different IDEs and editors, and then all these different languages that each wants to support or that their users want them to support. And then everyone's just building like one. And so, like, you use Vim and you might have really great support for, like, honestly, I don't know, C or something, and then, like, you switch over to JetBrains and you have the Java support, but then, like, you don't get to use the great JetBrains Java support in Vim and you don't get to use the great C support in JetBrains or something like that. So LSP largely, I think, solved this problem by creating this common language that they could all speak and that, you know, you can have some people focus on really robust language server implementations, and then the IDE developers can really focus on that side. And they both benefit. So that was, like, our key takeaway for MCP is, like, that same principle and that same problem in the space of AI applications and extensions to AI applications. But in terms of, like, concrete particulars, I mean, we did take JSON RPC and we took this idea of bidirectionality, but I think we quickly took it down a different route after that. I guess there is one other principle from LSP that we try to stick to today, which is, like, this focus on how features manifest. More than. The semantics of things, if that makes sense. David refers to it as being presentation focused, where, like, basically thinking and, like, offering different primitives, not because necessarily the semantics of them are very different, but because you want them to show up in the application differently. Like, that was a key sort of insight about how LSP was developed. And that's also something we try to apply to MCP. But like I said, then from there, like, yeah, we spent a lot of time, really a lot of time, and we could go into this more separately, like, thinking about each of the primitives that we want to offer in MCP. And why they should be different, like, why we want to have all these different concepts. That was a significant amount of work. That was the design work, as you allude to. But then also already out of the gate, we had three different languages that we wanted to at least support to some degree. That was TypeScript, Python, and then for the Z integration, it was Rust. So there was some SDK building work in those languages, a mixture of clients and servers to build out to try to create this, like, internal ecosystem that we could start playing with. And then, yeah, I guess just trying to make everything, like, robust over, like, I don't know, this whole, like, concept that we have for local MCP, where you, like, launch subprocesses and stuff and making that robust took some time as well. Yeah, maybe adding to that, I think the LSP inference goes even a little bit further. Like, we did take actually quite a look at criticisms on LSP, like, things that LSP didn't do right and things that people felt they would love to have different and really took that to heart to, like, see, you know, what are some of the things. that we wish, you know, we should do better. We took a, you know, like, a lengthy, like, look at, like, their very unique approach to JSON RPC, I may say, and then we decided that this is not what we do. And so there's, like, these differences, but it's clearly very, very inspired. Because I think when you're trying to build and focus, if you're trying to build something like MCP, you kind of want to pick the areas you want to innovate in, but you kind of want to be boring about the other parts in pattern matching LSP. So the problem allows you to be boring in a lot of the core pieces that you want to be boring in. Like, the choice of JSON RPC is very non-controversial to us because it's just, like, it doesn't matter at all, like, what the action, like, bites on the bar that you're speaking. It makes no difference to us. The innovation is on the primitives you choose and these type of things. And so there's way more focus on that that we wanted to do. So having some prior art is good there, basically.swyx [00:12:26]: It does. I wanted to double click. I mean, there's so many things you can go into. Obviously, I am passionate about protocol design. I wanted to show you guys this. I mean, I think you guys know, but, you know, you already referred to the M times N problem. And I can just share my screen here about anyone working in developer tools has faced this exact issue where you see the God box, basically. Like, the fundamental problem and solution of all infrastructure engineering is you have things going to N things, and then you put the God box and they'll all be better, right? So here is one problem for Uber. One problem for... GraphQL, one problem for Temporal, where I used to work at, and this is from React. And I was just kind of curious, like, you know, did you solve N times N problems at Facebook? Like, it sounds like, David, you did that for a living, right? Like, this is just N times N for a living.Justin/David [00:13:16]: David Pérez- Yeah, yeah. To some degree, for sure. I did. God, what a good example of this, but like, I did a bunch of this kind of work on like source control systems and these type of things. And so there were a bunch of these type of problems. And so you just shove them into something that everyone can read from and everyone can write to, and you build your God box somewhere, and it works. But yeah, it's just in developer tooling, you're absolutely right. In developer tooling, this is everywhere, right?swyx [00:13:47]: And that, you know, it shows up everywhere. And what was interesting is I think everyone who makes the God box then has the same set of problems, which is also you now have like composability off and remotes versus local. So, you know, there's this very common set of problems. So I kind of want to take a meta lesson on how to do the God box, but, you know, we can talk about the sort of development stuff later. I wanted to double click on, again, the presentation that Justin mentioned of like how features manifest and how you said some things are the same, but you just want to reify some concepts so they show up differently. And I had that sense, you know, when I was looking at the MCP docs, I'm like, why do these two things need to be the difference in other? I think a lot of people treat tool calling as the solution to everything, right? And sometimes you can actually sort of view kinds of different kinds of tool calls as different things. And sometimes they're resources. Sometimes they're actually taking actions. Sometimes they're something else that I don't really know yet. But I just want to see, like, what are some things that you sort of mentally group as adjacent concepts and why were they important to you to emphasize?Justin/David [00:14:58]: Yeah, I can chat about this a bit. I think fundamentally we every sort of primitive that we thought through, we thought from the perspective of the application developer first, like if I'm building an application, whether it is an IDE or, you know, call a desktop or some agent interface or whatever the case may be, what are the different things that I would want to receive from like an integration? And I think once you take that lens, it becomes quite clear that that tool calling is necessary, but very insufficient. Like there are many other things you would want to do besides just get tools. And plug them into the model and you want to have some way of differentiating what those different things are. So the kind of core primitives that we started MCP with, we've since added a couple more, but the core ones are really tools, which we've already talked about. It's like adding, adding tools directly to the model or function calling is sometimes called resources, which is basically like bits of data or context that you might want to add to the context. So excuse me, to the, to the model context. And this, this is the first primitive where it's like, we, we. Decided this could be like application controlled, like maybe you want a model to automatically search through and, and find relevant resources and bring them into context. But maybe you also want that to be an explicit UI affordance in the application where the user can like, you know, pick through a dropdown or like a paperclip menu or whatever, and find specific things and tag them in. And then that becomes part of like their message to the LLM. Like those are both use cases for resources. And then the third one is prompts. Which are deliberately meant to be like user initiated or. Like. User substituted. Text or messages. So like the analogy here would be like, if you're an editor, like a slash command or something like that, or like an at, you know, auto completion type thing where it's like, I have this kind of macro effectively that I want to drop in and use. And we have sort of expressed opinions through MCP about the different ways that these things could manifest, but ultimately it is for application developers to decide, okay, you, you get these different concepts expressed differently. Um, and it's very useful as an application developer because you can decide. The appropriate experience for each, and actually this can be a point of differentiation to, like, we were also thinking, you know, from the application developer perspective, they, you know, application developers don't want to be commoditized. They don't want the application to end up the same as every other AI application. So like, what are the unique things that they could do to like create the best user experience even while connecting up to this big open ecosystem of integration? I, yeah. And I think to add to that, the, I think there are two, two aspects to that, that I want to. I want to mention the first one is that interestingly enough, like while nowadays tool calling is obviously like probably like 95% plus of the integrations, and I wish there would be, you know, more clients doing tool resources, doing prompts. The, the very first implementation in that is actually a prompt implementation. It doesn't deal with tools. And, and it, we found this actually quite useful because what it allows you to do is, for example, build an MCP server that takes like a backtrack. So it's, it's not necessarily like a tool that literally just like rawizes from Sentry or any other like online platform that, that tracks your, your crashes. And just lets you pull this into the context window beforehand. And so it's quite nice that way that it's like a user driven interaction that you does the user decide when to pull this in and don't have to wait for the model to do it. And so it's a great way to craft the prompt in a way. And I think similarly, you know, I wish, you know, more MCP servers today would bring prompts as examples of, like how to even use the tools. Yeah. at the same time. The resources bits are quite interesting as well. And I wish we would see more usage there because it's very easy to envision, but yet nobody has really implemented it. A system where like an MCP server exposes, you know, a set of documents that you have, your database, whatever you might want to as a set of resources. And then like a client application would build a full rack index around this, right? This is definitely an application use case we had in mind as to why these are exposed in such a way that they're not model driven, because you might want to have way more resource content than is, you know, realistically usable in a context window. And so I think, you know, I wish applications and I hope applications will do this in the next few months, use these primitives, you know, way better, because I think there's way more rich experiences to be created that way. Yeah, completely agree with that. And I would also add that I would go into it if I haven't.Alessio [00:19:30]: I think that's a great point. And everybody just, you know, has a hammer and wants to do tool calling on everything. I think a lot of people do tool calling to do a database query. They don't use resources for it. What are like the, I guess, maybe like pros and cons or like when people should use a tool versus a resource, especially when it comes to like things that do have an API interface, like for a database, you can do a tool that does a SQL query versus when should you do that or a resource instead with the data? Yeah.Justin/David [00:20:00]: The way we separate these is like tools are always meant to be initiated by the model. It's sort of like at the model's discretion that it will like find the right tool and apply it. So if that's the interaction you want as a server developer, where it's like, okay, this, you know, suddenly I've given the LLM the ability to run a SQL queries, for example, that makes sense as a tool. But resources are more flexible, basically. And I think, to be completely honest, the story here is practically a bit complicated today. Because many clients don't support resources yet. But like, I think in an ideal world where all these concepts are fully realized, and there's like full ecosystem support, you would do resources for things like the schemas of your database tables and stuff like that, as a way to like either allow the user to say like, okay, now, you know, cloud, I want to talk to you about this database table. Here it is. Let's have this conversation. Or maybe the particular AI application that you're using, like, you know, could be something agentic, like cloud code. is able to just like agentically look up resources and find the right schema of the database table you're talking about, like both those interactions are possible. But I think like, anytime you have this sort of like, you want to list a bunch of entities, and then read any of them, that makes sense to model as resources. Resources are also, they're uniquely identified by a URI, always. And so you can also think of them as like, you know, sort of general purpose transformers, even like, if you want to support an interaction where a user just like drops a URI in, and then you like automatically figure out how to interpret that, you could use MCP servers to do that interpretation. One of the interesting side notes here, back to the Z example of resources, is that has like a prompt library that you can do, that people can interact with. And we just exposed a set of default prompts that we want everyone to have as part of that prompt library. Yeah, resources for a while so that like, you boot up Zed and Zed will just populate the prompt library from an MCP server, which was quite a cool interaction. And that was, again, a very specific, like, both sides needed to agree upon the URI format and the underlying data format. And but that was a nice and kind of like neat little application of resources. There's also going back to that perspective of like, as an application developer, what are the things that I would want? Yeah. We also applied this thinking to like, you know, like, we can do this, we can do this, we can do this, we can do this. Like what existing features of applications could conceivably be kind of like factored out into MCP servers if you were to take that approach today. And so like basically any IDE where you have like an attachment menu that I think naturally models as resources. It's just, you know, those implementations already existed.swyx [00:22:49]: Yeah, I think the immediate like, you know, when you introduced it for cloud desktop and I saw the at sign there, I was like, oh, yeah, that's what Cursor has. But this is for everyone else. And, you know, I think like that that is a really good design target because it's something that already exists and people can map on pretty neatly. I was actually featuring this chart from Mahesh's workshop that presumably you guys agreed on. I think this is so useful that it should be on the front page of the docs. Like probably should be. I think that's a good suggestion.Justin/David [00:23:19]: Do you want to do you want to do a PR for this? I love it.swyx [00:23:21]: Yeah, do a PR. I've done a PR for just Mahesh's workshop in general, just because I'm like, you know. I know.SPEAKER_03 [00:23:28]: I approve. Yeah.swyx [00:23:30]: Thank you. Yeah. I mean, like, but, you know, I think for me as a developer relations person, I always insist on having a map for people. Here are all the main things you have to understand. We'll spend the next two hours going through this. So some one image that kind of covers all this, I think is pretty helpful. And I like your emphasis on prompts. I would say that it's interesting that like I think, you know, in the earliest early days of like chat GPT and cloud, people. Often came up with, oh, you can't really follow my screen, can you? In the early days of chat of, of chat, GPT and all that, like a lot, a lot of people started like, you know, GitHub for prompts, like we'll do prop manager libraries and, and like those never really took off. And I think something like this is helpful and important. I would say like, I've also seen prompt file from human loop, I think, as, as other ways to standardize how people share prompts. But yeah, I agree that like, there should be. There should be more innovation here. And I think probably people want some dynamicism, which I think you, you afford, you allow for. And I like that you have multi-step that this was, this is the main thing that got me like, like these guys really get it. You know, I think you, you maybe have a published some research that says like, actually sometimes to get, to get the model working the right way, you have to do multi-step prompting or jailbreaking to, to, to behave the way that you want. And so I think prompts are not just single conversations. They're sometimes chains of conversations. Yeah.Alessio [00:25:05]: Another question that I had when I was looking at some server implementations, the server builders kind of decide what data gets eventually returned, especially for tool calls. For example, the Google maps one, right? If you just look through it, they decide what, you know, attributes kind of get returned and the user can not override that if there's a missing one. That has always been my gripe with like SDKs in general, when people build like API wrapper SDKs. And then they miss one parameter that maybe it's new and then I can not use it. How do you guys think about that? And like, yeah, how much should the user be able to intervene in that versus just letting the server designer do all the work?Justin/David [00:25:41]: I think we probably bear responsibility for the Google maps one, because I think that's one of the reference servers we've released. I mean, in general, for things like for tool results in particular, we've actually made the deliberate decision, at least thus far, for tool results to be not like sort of structured JSON data, not matching a schema, really, but as like a text or images or basically like messages that you would pass into the LLM directly. And so I guess the correlation that is, you really should just return a whole jumble of data and trust the LLM to like sort through it and see. I mean, I think we've clearly done a lot of work. But I think we really need to be able to shift and like, you know, extract the information it cares about, because that's what that's exactly what they excel at. And we really try to think about like, yeah, how to, you know, use LLMs to their full potential and not maybe over specify and then end up with something that doesn't scale as LLMs themselves get better and better. So really, yeah, I suppose what should be happening in this example server, which again, will request welcome. It would be great. It's like if all these result types were literally just passed through from the API that it's calling, and then the API would be able to pass through automatically.Alessio [00:26:50]: Thank you for joining us.Alessio [00:27:19]: It's a hard to sign decisions on where to draw the line.Justin/David [00:27:22]: I'll maybe throw AI under the bus a little bit here and just say that Claude wrote a lot of these example servers. No surprise at all. But I do think, sorry, I do think there's an interesting point in this that I do think people at the moment still to mostly still just apply their normal software engineering API approaches to this. And I think we're still need a little bit more relearning of how to build something for LLMs and trust them, particularly, you know, as they are getting significantly better year to year. Right. And I think, you know, two years ago, maybe that approach would have been very valid. But nowadays, just like just throw data at that thing that is really good at dealing with data is a good approach to this problem. And I think it's just like unlearning like 20, 30, 40 years of software engineering practices that go a little bit into this to some degree. If I could add to that real quickly, just one framing as well for MCP is thinking in terms of like how crazily fast AI is advancing. I mean, it's exciting. It's also scary. Like thinking, us thinking that like the biggest bottleneck to, you know, the next wave of capabilities for models might actually be their ability to like interact with the outside world to like, you know, read data from outside data sources or like take stateful actions. Working at Anthropic, we absolutely care about doing that. Safely and with the right control and alignment measures in place and everything. But also as AI gets better, people will want that. That'll be key to like becoming productive with AI is like being able to connect them up to all those things. So MCP is also sort of like a bet on the future and where this is all going and how important that will be.Alessio [00:29:05]: Yeah. Yeah, I would say any API attribute that says formatted underscore should kind of be gone and we should just get the raw data from all of them. Because why, you know, why are you formatting? For me, the, the model is definitely smart enough to format an address. So I think that should go to the end user.swyx [00:29:23]: Yeah. I have, I think Alessio is about to move on to like server implementation. I wanted to, I think we were talking, we're still talking about sort of MCP design and goals and intentions. And we've, I think we've indirectly identified like some problems that MCP is really trying to address. But I wanted to give you the spot to directly take on MCP versus open API, because I think obviously there's a, this is a top question. I wanted to sort of recap everything we just talked about and give people a nice little segment that, that people can say, say, like, this is a definitive answer on MCP versus open API.Justin/David [00:29:56]: Yeah, I think fundamentally, I mean, open API specifications are a very great tool. And like I've used them a lot in developing APIs and consumers of APIs. I think fundamentally, or we think that they're just like too granular for what you want to do with LLMs. Like they don't express higher level AI specific concepts like this whole mental model. Yeah. But we've talked about with the primitives of MCP and thinking from the perspective of the application developer, like you don't get any of that when you encode this information into an open API specification. So we believe that models will benefit more from like the purpose built or purpose design tools, resources, prompts, and the other primitives than just kind of like, here's our REST API, go wild. I do think there, there's another aspect. I think that I'm not an open API expert, so I might, everything might not be perfectly accurate. But I do think that we're... Like there's been, and we can talk about this a bit more later. There's a deliberate design decision to make the protocol somewhat stateful because we do really believe that AI applications and AI like interactions will become inherently more stateful and that we're the current state of like, like need for statelessness is more a temporary point in time that will, you know, to some degree that will always exist. But I think like more statefulness will become increasingly more popular, particularly when you think about additional modalities that go beyond just pure text-based, you know, interactions with models, like it might be like video, audio, whatever other modalities exist and out there already. And so I do think that like having something a bit more stateful is just inherently useful in this interaction pattern. I do think they're actually more complimentary open API and MCP than if people wanted to make it out. Like people look. For these, like, you know, A versus B and like, you know, have, have all the, all the developers of these things go in a room and fist fight it out. But that's rarely what's going on. I think it's actually, they're very complimentary and they have their little space where they're very, very strong. And I think, you know, just use the best tool for the job. And if you want to have a rich interaction between an AI application, it's probably like, it's probably MCP. That's the right choice. And if, if you want to have like an API spec somewhere that is very easy and like a model can read. And to interpret, and that's what, what worked for you, then open API is the way to go. One more thing to add here is that we've already seen people, I mean, this happened very early. People in the community built like bridges between the two as well. So like, if what you have is an open API specification and no one's, you know, building a custom MCP server for it, there are already like translators that will take that and re-expose it as MCP. And you could do the other direction too. Awesome.Alessio [00:32:43]: Yeah. I think there's the other side of MCPs that people don't talk as much. Okay. I think there's the other side of MCPs that people don't talk as much about because it doesn't go viral, which is building the servers. So I think everybody does the tweets about like connect the cloud desktop to XMCP. It's amazing. How would you guys suggest people start with building servers? I think the spec is like, so there's so many things you can do that. It's almost like, how do you draw the line between being very descriptive as a server developer versus like going back to our discussion before, like just take the data and then let them auto manipulate it later. Do you have any suggestions for people?Justin/David [00:33:16]: I. I think there, I have a few suggestions. I think that one of the best things I think about MCP and something that we got right very early is that it's just very, very easy to build like something very simple that might not be amazing, but it's pretty, it's good enough because models are very good and get this going within like half an hour, you know? And so I think that the best part is just like pick the language of, you know, of your choice that you love the most, pick the SDK for it, if there's an SDK for it, and then just go build a tool of the thing that matters to you personally. And that you want to use. You want to see the model like interact with, build the server, throw the tool in, don't even worry too much about the description just yet, like do a bit of like, write your little description as you think about it and just give it to the model and just throw it to standard IO protocol transport wise into like an application that you like and see it do things. And I think that's part of the magic that, or like, you know, empowerment and magic for developers to get so quickly to something that the model does. Or something that you care about. That I think really gets you going and gets you into this flow of like, okay, I see this thing can do cool things. Now I go and, and can expand on this and now I can go and like really think about like, which are the different tools I want, which are the different raw resources and prompts I want. Okay. Now that I have that. Okay. Now do I, what do my evals look like for how I want this to go? How do I optimize my prompts for the evals using like tools like that? This is infinite depth so that you can do. But. Okay. Just start. As simple as possible and just go build a server in like half an hour in the language of your choice and how the model interacts with the things that matter to you. And I think that's where the fun is at. And I think people, I think a lot of what MCP makes great is it just adds a lot of fun to the development piece to just go and have models do things quickly. I also, I'm quite partial, again, to using AI to help me do the coding. Like, I think even during the initial development process, we realized it was quite easy to basically just take all the SDK code. Again, you know, what David suggested, like, you know, pick the language you care about, and then pick the SDK. And once you have that, you can literally just drop the whole SDK code into an LLM's context window and say, okay, now that you know MCP, build me a server that does that. This, this, this. And like, the results, I think, are astounding. Like, I mean, it might not be perfect around every single corner or whatever. And you can refine it over time. But like, it's a great way to kind of like one shot something that basically does what you want, and then you can iterate from there. And like David said, there has been a big emphasis from the beginning on like making servers as easy and simple to build as possible, which certainly helps with LLMs doing it too. We often find that like, getting started is like, you know, 100, 200 lines of code in the last couple of years. It's really quite easy. Yeah. And if you don't have an SDK, again, give the like, give the subset of the spec that you care about to the model, and like another SDK and just have it build you an SDK. And it usually works for like, that subset. Building a full SDK is a different story. But like, to get a model to tool call in Haskell or whatever, like language you like, it's probably pretty straightforward.swyx [00:36:32]: Yeah. Sorry.Alessio [00:36:34]: No, I was gonna say, I co-hosted a hackathon at the AGI house. I'm a personal agent, and one of the personal agents somebody built was like an MCP server builder agent, where they will basically put the URL of the API spec, and it will build an MCP server for them. Do you see that today as kind of like, yeah, most servers are just kind of like a layer on top of an existing API without too much opinion? And how, yeah, do you think that's kind of like how it's going to be going forward? Just like AI generated, exposed to API that already exists? Or are we going to see kind of like net new MCP experiences that you... You couldn't do before?Justin/David [00:37:10]: I think, go for it. I think both, like, I, I think there, there will always be value in like, oh, I have, you know, I have my data over here, and I want to use some connector to bring it into my application over here. That use case will certainly remain. I think, you know, this, this kind of goes back to like, I think a lot of things today are maybe defaulting to tool use when some of the other primitives would be maybe more appropriate over time. And so it could still be that connector. It could still just be that sort of adapter layer, but could like actually adapt it onto different primitives, which is one, one way to add more value. But then I also think there's plenty of opportunity for use cases, which like do, you know, or for MCP servers that kind of do interesting things in and out themselves and aren't just adapters. Some of the earliest examples of this were like, you know, the memory MCP server, which gives the LLM the ability to remember things across conversations or like someone who's a close coworker built the... I shouldn't have said that, not a close coworker. Someone. Yeah. Built the sequential thinking MCP server, which gives a model the ability to like really think step-by-step and get better at its reasoning capabilities. This is something where it's like, it really isn't integrating with anything external. It's just providing this sort of like way of thinking for a model.Justin/David [00:38:27]: I guess either way though, I think AI authorship of the servers is totally possible. Like I've had a lot of success in prompting, just being like, Hey, I want to build an MCP server that like does this thing. And even if this thing is not. Adapting some other API, but it's doing something completely original. It's usually able to figure that out too. Yeah. I do. I do think that the, to add to that, I do think that a good part of, of what MCP servers will be, will be these like just API wrapper to some degree. Um, and that's good to be valid because that works and it gets you very, very far. But I think we're just very early, like in, in exploring what you can do. Um, and I think as client support for like certain primitives get better, like we can talk about sampling. I'm playing with my favorite topic and greatest frustration at the same time. Um, I think you can just see it very easily see like way, way, way richer experiences and we have, we have built them internally for as prototyping aspects. And I think you see some of that in the community already, but there's just, you know, things like, Hey, summarize my, you know, my, my, my, my favorite subreddits for the morning MCP server that nobody has built yet, but it's very easy to envision. And the protocol can totally do this. And these are like slightly richer experiences. And I think as people like go away from like the, oh, I just want to like, I'm just in this new world where I can hook up the things that matter to me, to the LLM, to like actually want a real workflow, a real, like, like more richer experience that I, I really want exposed to the model. I think then you will see these things pop up, but again, that's a, there's a little bit of a chicken and egg problem at the moment with like what a client supported versus, you know, what servers like authors want to do. Yeah.Alessio [00:40:10]: That, that, that was. That's kind of my next question on composability. Like how, how do you guys see that? Do you have plans for that? What's kind of like the import of MCPs, so to speak, into another MCP? Like if I want to build like the subreddit one, there's probably going to be like the Reddit API, uh, MCP, and then the summarization MCP. And then how do I, how do I do a super MCP?Justin/David [00:40:33]: Yeah. So, so this is an interesting topic and I think there, um, so there, there are two aspects to it. I think that the one aspect is like, how can I build something? I think agentically that you requires an LLM call and like a one form of fashion, like for summarization or so, but I'm staying model independent and for that, that's where like part of this by directionality comes in, in this more rich experience where we do have this facility for servers to ask the client again, who owns the LLM interaction, right? Like we talk about cursor, who like runs the, the, the loop with the LLM for you there that for the server author to ask the client for a completion. Um, and basically have it like summarize something for the server and return it back. And so now what model summarizes this depends on which one you have selected in cursor and not depends on what the author brings. The author doesn't bring an SDK. It doesn't have, you had an API key. It's completely model independent, how you can build this. There's just one aspect to that. The second aspect to building richer, richer systems with MCP is that you can easily envision an MCP server that serves something to like something like cursor or win server. For a cloud desktop, but at the same time, also is an MCP client at the same time and itself can use MCP servers to create a rich experience. And now you have a recursive property, which we actually quite carefully in the design principles, try to retain. You, you know, you see it all over the place and authorization and other aspects, um, to the spec that we retain this like recursive pattern. And now you can think about like, okay, I have, I have this little bundle of applications, both a server and a client. And I can add. Add these in chains and build basically graphs like, uh, DAGs out of MCP servers, um, uh, that can just richly interact with each other. A agentic MCP server can also use the whole ecosystem of MCP servers available to themselves. And I think that's a really cool environment, cool thing you can do. And people have experimented with this. And I think you see hopefully more of this, particularly when you think about like auto-selecting, auto-installing, there's a bunch of these things you can do that make, uh, make a really fun experience. I, I think practically there are some niceties we still need to add to the SDKs to make this really simple and like easy to execute on like this kind of recursive MCP server that is also a client or like kind of multiplexing together the behaviors of multiple MCP servers into one host, as we call it. These are things we definitely want to add. We haven't been able to yet, but like, uh, I think that would go some way to showcasing these things that we know are already possible, but not necessarily taken up that much yet. Okay.swyx [00:43:08]: This is, uh, very exciting. And very, I'm sure, I'm sure a lot of people get very, very, uh, a lot of ideas and inspiration from this. Is an MCP server that is also a client, is that an agent?Justin/David [00:43:19]: What's an agent? There's a lot of definitions of agents.swyx [00:43:22]: Because like you're, in some ways you're, you're requesting something and it's going off and doing stuff that you don't necessarily know. There's like a layer of abstraction between you and the ultimate raw source of the data. You could dispute that. Yeah. I just, I don't know if you have a hot take on agents.Justin/David [00:43:35]: I do think, I do think that you can build an agent that way. For me, I think you need to define the difference between. An MCP server plus client that is just a proxy versus an agent. I think there's a difference. And I think that difference might be in, um, you know, for example, using a sample loop to create a more richer experience to, uh, to, to have a model call tools while like inside that MCP server through these clients. I think then you have a, an actual like agent. Yeah. I do think it's very simple to build agents that way. Yeah. I think there are maybe a few paths here. Like it definitely feels like there's some relationship. Between MCP and agents. One possible version is like, maybe MCP is a great way to represent agents. Maybe there are some like, you know, features or specific things that are missing that would make the ergonomics of it better. And we should make that part of MCP. That's one possibility. Another is like, maybe MCP makes sense as kind of like a foundational communication layer for agents to like compose with other agents or something like that. Or there could be other possibilities entirely. Maybe MCP should specialize and narrowly focus on kind of the AI application side. And not as much on the agent side. I think it's a very live question and I think there are sort of trade-offs in every direction going back to the analogy of the God box. I think one thing that we have to be very careful about in designing a protocol and kind of curating or shepherding an ecosystem is like trying to do too much. I think it's, it's a very big, yeah, you know, you don't want a protocol that tries to do absolutely everything under the sun because then it'll be bad at everything too. And so I think the key question, which is still unresolved is like, to what degree are agents. Really? Really naturally fitting in to this existing model and paradigm or to what degree is it basically just like orthogonal? It should be something.swyx [00:45:17]: I think once you enable two way and once you enable client server to be the same and delegation of work to another MCP server, it's definitely more agentic than not. But I appreciate that you keep in mind simplicity and not trying to solve every problem under the sun. Cool. I'm happy to move on there. I mean, I'm going to double click on a couple of things that I marked out because they coincide with things that we wanted to ask you. Anyway, so the first one is, it's just a simple, how many MCP things can one implementation support, you know, so this is the, the, the sort of wide versus deep question. And, and this, this is direct relevance to the nesting of MCPs that we just talked about in April, 2024, when, when Claude was launching one of its first contexts, the first million token context example, they said you can support 250 tools. And in a lot of cases, you can't do that. You know, so to me, that's wide in, in the sense that you, you don't have tools that call tools. You just have the model and a flat hierarchy of tools, but then obviously you have tool confusion. It's going to happen when the tools are adjacent, you call the wrong tool. You're going to get the bad results, right? Do you have a recommendation of like a maximum number of MCP servers that are enabled at any given time?Justin/David [00:46:32]: I think be honest, like, I think there's not one answer to this because to some extent, it depends on the model that you're using. To some extent, it depends on like how well the tools are named and described for the model and stuff like that to avoid confusion. I mean, I think that the dream is certainly like you just furnish all this information to the LLM and it can make sense of everything. This, this kind of goes back to like the, the future we envision with MCP is like all this information is just brought to the model and it decides what to do with it. But today the reality or the practicalities might mean that like, yeah, maybe you, maybe in your client application, like the AI application, you do some fill in the blanks. Maybe you do some filtering over the tool set or like maybe you, you run like a faster, smaller LLM to like filter to what's most relevant and then only pass those tools to the bigger model. Or you could use an MCP server, which is a proxy to other MCP servers and does some filtering at that level or something like that. I think hundreds, as you referenced, is still a fairly safe bet, at least for Claude. I can't speak to the other models, but yeah, I don't know. I think over time we should just expect this to get better. So we're wary of like constraining anything and preventing that. Sort of long. Yeah, and obviously it highly, it highly depends on the overlap of the description, right? Like if you, if you have like very separate servers that do very separate things and the tools have very clear unique names, very clear, well-written descriptions, you know, your mileage might be more higher than if you have a GitLab and a GitHub server at the same time in your context. And, and then the overlap is quite significant because they look very similar to the model and confusion becomes easier. There's different considerations too. Depending on the AI application, if you're, if you're trying to build something very agentic, maybe you are trying to minimize the amount of times you need to go back to the user with a question or, you know, minimize the amount of like configurability in your interface or something. But if you're building other applications, you're building an IDE or you're building a chat application or whatever, like, I think it's totally reasonable to have affordances that allow the user to say like, at this moment, I want this feature set or at this different moment, I want this different feature set or something like that. And maybe not treat it as like always on. The full list always on all the time. Yeah.swyx [00:48:42]: That's where I think the concepts of resources and tools get to blend a little bit, right? Because now you're saying you want some degree of user control, right? Or application control. And other times you want the model to control it, right? So now we're choosing just subsets of tools. I don't know.Justin/David [00:49:00]: Yeah, I think it's a fair point or a fair concern. I guess the way I think about this is still like at the end of the day, and this is a core MCP design principle is like, ultimately, the concept of a tool is not a tool. It's a client application, and by extension, the user. Ultimately, they should be in full control of absolutely everything that's happening via MCP. When we say that tools are model controlled, what we really mean is like, tools should only be invoked by the model. Like there really shouldn't be an application interaction or a user interaction where it's like, okay, as a user, I now want you to use this tool. I mean, occasionally you might do that for prompting reasons, but like, I think that shouldn't be like a UI affordance. But I think the client application or the user deciding to like filter out the user, it's not a tool. I think the client application or the user deciding to like filter out things that MCP servers are offering, totally reasonable, or even like transform them. Like you could imagine a client application that takes tool descriptions from an MCP server and like enriches them, makes them better. We really want the client applications to have full control in the MCP paradigm. That in addition, though, like I think there, one thing that's very, very early in my thinking is there might be a addition to the protocol where you want to give the server author the ability to like logically group certain primitives together, potentially. Yeah. To inform that, because they might know some of these logical groupings better, and that could like encompasses prompts, resources, and tools at the same time. I mean, personally, we can have a design discussion on there. I mean, personally, my take would be that those should be separate MCP servers, and then the user should be able to compose them together. But we can figure it out.Alessio [00:50:31]: Is there going to be like a MCP standard library, so to speak, of like, hey, these are like the canonical servers, do not build this. We're just going to take care of those. And those can be maybe the building blocks that people can compose. Or do you expect people to just rebuild their own MCP servers for like a lot of things?Justin/David [00:50:49]: I think we will not be prescriptive in that sense. I think there will be inherently, you know, there's a lot of power. Well, let me rephrase it. Like, I have a long history in open source, and I feel the bizarre approach to this problem is somewhat useful, right? And I think so that the best and most interesting option wins. And I don't think we want to be very prescriptive. I will definitely foresee, and this already exists, that there will be like 25 GitHub servers and like 25, you know, Postgres servers and whatnot. And that's all cool. And that's good. And I think they all add in their own way. But effectively, eventually, over months or years, the ecosystem will converge to like a set of very widely used ones who basically, I don't know if you call it winning, but like that will be the most used ones. And I think that's completely fine. Because being prescriptive about this, I don't think it's any useful, any use. I do think, of course, that there will be like MCP servers, and you see them already that are driven by companies for their products. And, you know, they will inherently be probably the canonical implementation. Like if you want to work with Cloudflow workers and use an MCP server for that, you'll probably want to use the one developed by Cloudflare. Yeah. I think there's maybe a related thing here, too, just about like one big thing worth thinking about. We don't have any like solutions completely ready to go. It's this question of like trust or like, you know, vetting is maybe a better word. Like, how do you determine which MCP servers are like the kind of good and safe ones to use? Regardless of if there are any implementations of GitHub MCP servers, that could be totally fine. But you want to make sure that you're not using ones that are really like sus, right? And so trying to think about like how to kind of endow reputation or like, you know, if hypothetically. Anthropic is like, we've vetted this. It meets our criteria for secure coding or something. How can that be reflected in kind of this open model where everyone in the ecosystem can benefit? Don't really know the answer yet, but that's very much top of mind.Alessio [00:52:49]: But I think that's like a great design choice of MCPs, which is like language agnostic. Like already, and there's not, to my knowledge, an Anthropic official Ruby SDK, nor an OpenAI SDK. And Alex Roudal does a great job building those. But now with MCPs is like. You don't actually have to translate an SDK to all these languages. You just do one, one interface and kind of bless that interface as, as Anthropic. So yeah, that was, that was nice.swyx [00:53:18]: I have a quick answer to this thing. So like, obviously there's like five or six different registries already popped up. You guys announced your official registry that's gone away. And a registry is very tempting to offer download counts, likes, reviews, and some kind of trust thing. I think it's kind of brittle. Like no matter what kind of social proof or other thing you can, you can offer, the next update can compromise a trusted package. And actually that's the one that does the most damage, right? So abusing the trust system is like setting up a trust system creates the damage from the trust system. And so I actually want to encourage people to try out MCP Inspector because all you got to do is actually just look at the traffic. And like, I think that's, that goes for a lot of security issues.Justin/David [00:54:03]: Yeah, absolutely. Cool. And then I think like that's very classic, just supply chain problem that like all registries effectively have. And the, you know, there are different approaches to this problem. Like you can take the Apple approach and like vet things and like have like an army of, of both automated system and review teams to do this. And then you effectively build an app store, right? That's, that's one approach to this type of problem. It kind of works in, you know, in a very set, certain set of ways. But I don't think it works in an open source kind of ecosystem for which you always have a registry kind of approach, like similar to MPM and packages and PiPi.swyx [00:54:36]: And they all have inherently these, like these, these supply chain attack problems, right? Yeah, yeah, totally. Quick time check. I think we're going to go for another like 20, 25 minutes. Is that okay for you guys? Okay, awesome. Cool. I wanted to double click, take the time. So I'm going to sort of, we previewed a little bit on like the future coming stuff. So I want to leave the future coming stuff to the end, like registry, the, the, the stateless servers and remote servers, all the other stuff. But I wanted to double click a little bit. A little bit more on the launch, the core servers that are part of the official repo. And some of them are special ones, like the, like the ones we already talked about. So let me just pull them up already. So for example, you mentioned memory, you mentioned sequential thinking. And I think I really, really encourage people should look at these, what I call special servers. Like they're, they're not normal servers in the, in the sense that they, they wrap some API and it's just easier to interact with those than to work at the APIs. And so I'll, I'll highlight the, the memory one first, just because like, I think there are, there are a few memory startups, but actually you don't need them if you just use this one. It's also like 200 lines of code. It's super simple. And, and obviously then if you need to scale it up, you should probably do some, some more battle tested thing. But if you're interested, if you're just introducing memory, I think this is a really good implementation. I don't know if there's like special stories that you want to highlight with, with some of these.Justin/David [00:56:00]: I think, no, I don't, I don't think there's special stories. I think a lot of these, not all of them, but a lot of them originated from that hackathon that I mentioned before, where folks got excited about the idea of MCP. People internally inside Anthropik who wanted to have memory or like wanted to play around with the idea could quickly now prototype something using MCP in a way that wasn't possible before. Someone who's not like, you know, you don't have to become the, the end to end expert. You don't have access. You don't have to have access to this. Like, you know. You don't have to have this private, you know, proprietary code base. You can just now extend cloud with this memory capability. So that's how a lot of these came about. And then also just thinking about like, you know, what is the breadth of functionality that we want to demonstrate at launch?swyx [00:56:47]: Totally. And I think that is partially why it made your launch successful because you launch with a sufficiently spanning set of here's examples and then people just copy paste and expand from there. I would also highligh

Join Pascal and Sabrina on the latest Meta Tech Podcast episode as they discuss the evolution and future of GraphQL. From client-side consistency to innovative APIs, learn how GraphQL is making developers' lives easier and enhancing user experiences. Discover surprising insights into the challenges of building a mobile GraphQL platform and how it's transforming product development at Meta.  Got feedback? Send it to us on Threads (https://threads.net/@metatechpod), Instagram (https://instagram.com/metatechpod) and don't forget to follow our host Pascal (https://mastodon.social/@passy, https://threads.net/@passy_). Fancy working with us? Check out https://www.metacareers.com/. Links GraphQL: https://graphql.org/  Relay: https://relay.dev/  Sabrina at GraphQL Conf 2024: https://www.youtube.com/watch?v=PGBC-0E-kco  Timestamps Intro 0:06 Introduction Sabrina 1:42 Sabrina's team 2:47 What's GraphQL? 3:18 Relay and Mobile GraphQL Clients 4:01 GraphQL Consistency Engine 4:54 Pando Mobile GraphQL Client 7:16 Interfacing with Pando 8:03 Code generation 9:14 Inventing new features 10:43 The hidden complexity behind pagination 11:52 Working inside the GraphQL spec 16:00 Complexity tradeoffs 18:30 State of GraphQL at Meta 21:16 Measuring success 24:58 Optimistic Mutations 27:31 Collaboration model 31:42 Preventing early adoption 34:43 The challenge of migrating FBApp 37:10 What's next for mobile GraphQL? 40:22 Outro 41:54  

Max Stoiber is Co-Founder & CEO ofStellate, the GraphQL edge platformrecently acquired by Shopify.In this episode, we discuss:The Stellate journey from idea to initial traction to acquisitionThe market size (and limitations) for GraphQL, APIs, and DevToolsHow he ran a top-notch acquisition process for StellateWhy startups fail

Karina Nguyen leads research at OpenAI, where she's been pivotal in developing groundbreaking products like Canvas, Tasks, and the o1 language model. Before OpenAI, Karina was at Anthropic, where she led post-training and evaluation work for Claude 3 models, created a document upload feature with 100,000 context windows, and contributed to numerous other innovations. With experience as an engineer at the New York Times and as a designer at Dropbox and Square, Karina has a rare firsthand perspective on the cutting edge of AI and large language models. In our conversation, we discuss:• How OpenAI builds product• What people misunderstand about AI model training• Differences between how OpenAI and Anthropic operate• The role of synthetic data in model development• How to build trust between users and AI models• Why she moved from engineering to research• Much more—Brought to you by:• Enterpret—Transform customer feedback into product growth• Vanta—Automate compliance. Simplify security• Loom—The easiest screen recorder you'll ever use—Find the transcript at: https://www.lennysnewsletter.com/p/why-soft-skills-are-the-future-of-work-karina-nguyen—Where to find Karina Nguyen:• X: https://x.com/karinanguyen_• LinkedIn: https://www.linkedin.com/in/karinanguyen28• Website: https://karinanguyen.com/—Where to find Lenny:• Newsletter: https://www.lennysnewsletter.com• X: https://twitter.com/lennysan• LinkedIn: https://www.linkedin.com/in/lennyrachitsky/—In this episode, we cover:(00:00) Introduction to Karina Nguyen(04:42) Challenges in model training(08:21) Synthetic data and its importance(12:38) Creating Canvas(18:33) Day-to-day operations at OpenAI(20:28) Writing evaluations(23:22) Prototyping and product development(26:57) Building Canvas and Tasks(33:34) Understanding the job of a researcher(35:36) The future of AI and its impact on work and education(42:15) Soft skills in the age of AI(47:50) AI's role in creativity and strategy development(53:34) Comparing Anthropic and OpenAI(57:11) Innovations and future visions(01:07:13) The potential of AI agents(01:11:36) Final thoughts and career advice—Referenced:• What's in your stack: The state of tech tools in 2025: https://www.lennysnewsletter.com/p/whats-in-your-stack-the-state-of• Anthropic: https://www.anthropic.com/• OpenAI: https://openai.com/• What is synthetic data—and how can it help you competitively?: https://mitsloan.mit.edu/ideas-made-to-matter/what-synthetic-data-and-how-can-it-help-you-competitively• GPQA: https://datatunnel.io/glossary/gpqa/• Canvas: https://openai.com/index/introducing-canvas/• Barret Zoph on LinkedIn: https://www.linkedin.com/in/barret-zoph-65990543/• Mira Murati on LinkedIn: https://www.linkedin.com/in/mira-murati-4b39a066/• JSON Schema: https://json-schema.org/• Anthropic—100K Context Windows: https://www.anthropic.com/news/100k-context-windows• Claude 3 Haiku: https://www.anthropic.com/news/claude-3-haiku• A.I. Chatbots Defeated Doctors at Diagnosing Illness: https://www.nytimes.com/2024/11/17/health/chatgpt-ai-doctors-diagnosis.html• Cursor: https://www.cursor.com/• How AI will impact product management: https://www.lennysnewsletter.com/p/how-ai-will-impact-product-management• Lee Byron on LinkedIn: https://www.linkedin.com/in/lee-byron/• GraphQL: https://graphql.org/• Claude in Slack: https://www.anthropic.com/claude-in-slack• Sam Altman on X: https://x.com/sama• Jakub Pachocki on LinkedIn: https://www.linkedin.com/in/jakub-pachocki/• Lennybot: https://www.lennybot.com/• ElevenLabs: https://elevenlabs.io/• Westworld on Prime Video: https://www.amazon.com/Westworld-Season-1/dp/B01N05UD06• A conversation with OpenAI's CPO Kevin Weil, Anthropic's CPO Mike Krieger, and Sarah Guo: https://www.youtube.com/watch?v=IxkvVZua28k• Tuple: https://tuple.app/• How Shopify builds a high-intensity culture | Farhan Thawar (VP and Head of Eng): https://www.lennysnewsletter.com/p/how-shopify-builds-a-high-intensity-culture-farhan-thawar—Production and marketing by https://penname.co/. For inquiries about sponsoring the podcast, email podcast@lennyrachitsky.com.—Lenny may be an investor in the companies discussed. Get full access to Lenny's Newsletter at www.lennysnewsletter.com/subscribe

Today we are talking about GraphQL, Drupal Decoupled, and What to do with them with guest Jesus Manuel Olivas. We'll also cover CORS UI as our module of the week. For show notes visit: https://www.talkingDrupal.com/486 Topics What is GraphQL How do you use GraphQL with Drupal Would you use GraphQL without a headless theme Do you need additional server requirements What are some of your favorite GraphQL modules What caused the change from v3 to v4 What is meant by Drupal Decoupled What are the best use cases How do you handle caching and performance How do you handle roles and permissions Do you think AI has made decoupled more interesting Resources GraphQL GraphQL Compose GraphQL Compose Preview GraphQL Compose Webform GraphQL Compose Fragments Swagger UI Custom Field Drupal Decoupled Guests Jesus Manuel Olivas - drupal-decoupled.octahedroid.com jmolivas Hosts Nic Laflin - nLighteneddevelopment.com nicxvan John Picozzi - epam.com johnpicozzi Scott Weston - scott-weston MOTW Correspondent Martin Anderson-Clutz - mandclu.com mandclu Brief description: Have you ever wanted to control your site's Cross-Origin Resource Sharing (aka CORS) configuration, directly within the Drupal admin UI? There's a module for that. Module name/project name: CORS UI Brief history How old: created in Sep 2016 by Sam Becker (sam152), a prolific module maintainer in his own right, though the most recent release is by Matt Glaman, who has been on this show and will need no introduction for many of our listeners Versions available: 8.x-1.2 which supports Drupal 9, 10, and 11 Maintainership Actively maintained Security coverage Number of open issues: 2 open issues, 1 of which is a bug, and also has a patch available Usage stats: 274 sites according to drupal.org Module features and usage By default cross-origin requests to Drupal applications will be denied. Since Drupal 8.2 you can add a section to your site's services.yml file to enable responses, and specify what headers, methods, and origins should be supported This module provides a form within Drupal to control these values. This could be helpful if, for example, these values need to change on a frequent basis, or for less technical users who are experimenting with a headless architecture. I should note that the bug mentioned earlier throws a fatal error in PHP 8, but is a simple fix. So if you want to try out this module, make sure you apply the patch.

Hoje o papo é sobre GraphQL no mobile. Neste episódio, conversamos sobre o histórico do GraphQL, desde os problemas que ele veio para resolver, até ecossistema, o que é (e o que não é) responsabilidade do GraphQL, vantagens e desvantagens do uso de GraphQL versus REST, e muito mais. Vem ver quem participou desse papo: André David, o host que já é o tradicional co-host Vinny Neves, Líder de Front-End na Alura Yago Oliveira, Coordenador de Conteúdo Técnico na Alura William Bezerra, Instrutor na Alura e Engenheiro Sênior no QuintoAndar

In this special episode of Watson Weekly, Rick Watson is joined by Kelly Goetsch, a Commercetools Advisor and industry thought leader. Kelly shares his unique insights into the evolving landscape of e-commerce, focusing on the intersection of technology and healthcare. Together, they explore key topics like consumer behavior trends, the growing role of composable commerce, and the untapped opportunities in health tech. From tackling HIPAA compliance to redefining retail experiences, this episode dives deep into the transformative potential of technology across industries. Don't miss this engaging discussion packed with expertise and forward-thinking strategies.About Kelly - Kelly Goetsch is a commercetools Advisor. Until January 2025, Kelly was the company's Chief Strategy Officer, and prior to that, he served as the Chief Product Officer at commercetools for nearly six years. Goetsch is an industry thought-leader who champions the MACH (Microservices, API, Cloud-Native, and Headless) movement, and co-founded the MACH Alliance, a group of 100+ independent, future-thinking tech companies dedicated to advocating for open, best-of-breed technology ecosystems. Prior to commercetools, Goetsch held senior-level product development and go-to-market responsibilities at Oracle and held the role of Senior Architect ATG (acquired by Oracle), where he was instrumental to 31 large-scale ATG implementationsHe is the author of four books - GraphQL for Modern Commerce (O'Reilly, 2020), APIs for Modern Commerce (O'Reilly, 2017), Microservices for Modern Commerce (O'Reilly, 2016) and E-Commerce in the Cloud (O'Reilly, 2014). He holds three patents, including one key to distributed computing.

In today's jam-packed episode, they dive deep into the world of API design, logging best practices, and effective configuration management. Our esteemed guests, Michael Dawson, James Snell, Matteo Collina, and Natalia Venditto, bring their extensive expertise to the table, discussing the nuances between GraphQL and REST/Open API, the merits of API First vs. Code First approaches, and the impacts of global states in Node.js applications.You'll hear insights on how to maintain effective API contracts, avoid common pitfalls in software development, and implement robust error handling and logging mechanisms. Additionally, the episode covers practical advice on optimizing large-scale ecosystems with tools like Pino and managing dependencies thoughtfully to avoid technical debt.They also touch on the personal side of development, with James Snell emphasizing the importance of well-being by taking regular breaks. Charles Max Wood shares his recent experience at a board game convention and recommends the TV show "Reacher" for some downtime entertainment.So, sit back and enjoy this enlightening conversation that spans across technical deep dives and light-hearted discussions, offering valuable takeaways for developers at all levels.SocialsLinkedIn: James SnellLinkedIn: Michael DawsonLinkedIn: Matteo CollinaLinkedIn: Natalia VendittoPicksCharles - Gnome Hollow | Board GameCharles - Reacher (TV Series 2022Michael - MakerWorld: Download Free 3D Printing Models Become a supporter of this podcast: https://www.spreaker.com/podcast/javascript-jabber--6102064/support.

Joël and Stephanie go back to fundamentals as they pick apart some recent conversations they've been having around the office. Together they discuss the advantages of GraphQL over a REST API, how they utilise JSONB over a regular column or table, and the use-cases for and against a frontend framework like React. But what's the theme that ties all these conversations together? — The article mentioned in this episode was Why I'm over GraphQL (https://bessey.dev/blog/2024/05/24/why-im-over-graphql/) Your hosts for this episode have been thoughtbot's own Stephanie Minn and Joël Quenneville (https://www.linkedin.com/in/joel-quenneville-96b18b58/). If you would like to support the show, head over to our GitHub page (https://github.com/sponsors/thoughtbot), or check out our website (https://bikeshed.thoughtbot.com). Got a question or comment about the show? Why not write to our hosts: hosts@bikeshed.fm This has been a thoughtbot (https://thoughtbot.com/) podcast. Stay up to date by following us on social media - LinkedIn (https://www.linkedin.com/company/150727/) - Mastodon (https://thoughtbot.social/@thoughtbot) - Instagram (https://www.instagram.com/thoughtbot/) © 2024 thoughtbot, inc.

Scott and Wes talk with Søren Bramer Schmidt, Founder and CEO of Prisma, about database best practices, including the latest developments in serverless, local-first, and typed SQL solutions. Show Notes 00:00 Welcome to Syntax! 02:55 Søren's thoughts on GraphQL 03:53 Brought to you by Sentry.io 06:57 Common database mistakes 08:52 Prisma's stability and user experience 10:42 Typed SQL and advanced querying Announcing TypedSQL: Make your raw SQL queries type-safe with Prisma ORM Prisma Optimize 20:47 Serverless challenges and solutions Prisma Accelerate 27:11 Cloudflare's potential to dethrone AWS 29:13 Prisma and local-first development Prisma & Expo: A Better Path to Local-First Apps | App.js Conf 2024 35:30 Making local-first development mainstream 40:10 Challenges with async 42:43 Søren's thoughts on Drizzle 43:41 Søren's favorite database 47:21 The read your writes problem 48:58 Prisma hosted Postgres 51:44 Sick Picks & Shameless Plugs Sick Picks Søren: Cursor Shameless Plugs Søren: 1: Prisma Optimize 2: Prisma Postgres (coming soon) Hit us up on Socials! Syntax: X Instagram Tiktok LinkedIn Threads Wes: X Instagram Tiktok LinkedIn Threads Scott: X Instagram Tiktok LinkedIn Threads Randy: X Instagram YouTube Threads

GraphQL is an open-source query language for APIs and a runtime for executing those queries. It was developed by Facebook to address the problem of over-fetching or under-fetching data, which is a common issue with traditional REST APIs. Matt Bessey is a Principal Engineer and Software Architect. Earlier this year Matt wrote a blog post The post The End of GraphQL with Matt Bessey appeared first on Software Engineering Daily.

In episode 800 of Syntax, Scott and Wes sit down with John Resig, the creator of jQuery, to discuss the current state of React and TypeScript. They dive into the evolution of frontend frameworks, the challenges of server-side rendering, and the tech stack at Khan Academy. Show Notes 00:00 Welcome to Syntax! 00:59 Brought to you by Sentry.io. 01:32 What is jQuery? 05:31 Did you anticipate the success jQuery had? 07:16 allow-discrete, @starting-style. Install Nothing: App UIs With Native Browser APIs - Scott Tolinski. 07:54 Building the community around jQuery. 11:16 jQuery plugins. 13:00 Did you ever make money from jQuery? 16:13 What is your role at Khan Academy. 17:58 What is the tech stack at Khan Academy? 21:56 Why do you want to change your CSS and JS framework? 24:03 TypeScript vs Flow. 25:25 GraphQL federation. 28:08 What was your frontend framework journey? 30:23 Is there any part of React you wish would improve? 32:37 Reservations using React Router. 33:14 Khan Academy web platform vs native platform. 35:21 What do you use for state management? 38:48 What's harder than it should be on the web today? Kilian's Question On X. Polypane.app. 42:46 Opinions on JavaScript Sprinkles. 44:04 What's with the $ sign in jQuery? 45:29 The challenges of having your name in such a widely used software. 51:06 Challenges with server-side rendering in React. 52:42 Sick Picks & Shameless Plugs. 54:48 What are the performance issues associated with internationalization? 56:57 Back to Sick Picks & Shameless Plugs. Sick Picks John: Biome, Remix, Lingui. Shameless Plugs John: Khan Academy. Hit us up on Socials! Syntax: X Instagram Tiktok LinkedIn Threads Wes: X Instagram Tiktok LinkedIn Threads Scott: X Instagram Tiktok LinkedIn Threads Randy: X Instagram YouTube Threads